MindRetrieve Blog

MindRetrieve - an open source desktop search tool for your personal web

Saturday, December 10, 2005

Your Site Has Vulnerability

I was testing my web application for security problem. Failure to escape user input is a very common class of security problem. So I created an input string like this:

'"></script><h1><font size=7 color=red>GOTCHA<iframe src=http://mindretrieve.blogspot.com/2005/12/your-site-has-vulnerability.html width=500 height=300>

Cut and paste it into any input fields and then click submit. If you see something you don't expect, that site probably has a problem.

Hurry! Test out your site before hackers do!


Post a Comment

<< Home