SQL injection through form happening

  • Resolved zawordpress

    (@zawordpress)


    1 year, 5 months ago

    I have received over 500 emails overnight from 2 of the forms on our website with the following code in them:

    ‘/**/and/**/DBMS_PIPE.RECEIVE_MESSAGE(‘l’,8)=’l

    According to Google: ‘The code snippet you provided is a SQL injection attack. SQL injection is a technique that attackers use to gain unauthorized access to a database. The attacker injects malicious SQL code into a query that is being sent to the database. This code can then be used to execute arbitrary commands on the database, such as stealing data or dropping tables.’

    Why did Cleantalknot pick this up as clearly over 500 form submissions in the space of less than 10 minutes is spam.

    Please advise ASAP

Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘SQL injection through form happening’ is closed to new replies.