dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixed spelling mistakes.

Browse Source 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@64 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
esheri3
2007-01-22 18:10:06 +00:00
parent 3ae171c303
commit a90d292239
20 changed files with 44 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
webgoat/main/project/WebContent/lesson_plans/SqlStringInjection.html
View File

@ -8,7 +8,7 @@ SQL injection attacks represent a serious threat to any database-driven site. Th
<br>
Not only is it a threat easily instigated, it is also a threat that, with a little common-sense and forethought, can be almost totally prevented. This lesson will show the student several examples of SQL injection.<br>
<br>
It is always good practice to sanitize all input data, especially data that will used in OS command, scripts, and database queiries.<br>
It is always good practice to sanitize all input data, especially data that will used in OS command, scripts, and database queries.<br>
<p><b>General Goal(s):</b> </p>
The form below allows a user to view their credit card numbers. Try to inject an SQL string that results in all the credit card numbers being displayed. Try the user name of 'Smith'.
<!-- Stop Instructions -->
<!-- Stop Instructions -->