Codeview

[ Find the Vulnerability in Code ]

Beginner levels

Injection [ php ]filedump [ php ]alertme [ js ]polluteMe [ js ]It'sDoneOnlyResource

    String query = "SELECT * FROM information WHERE id = ?";

    PreparedStatement pstmt = connection.prepareStatement(query, ... );

    pstmt.setString(1, request.getParameter("information"));

    ResultSet results = pstmt.executeQuery( );

[ hint: admin id ]


← Back