[ OWASP - Montreal ] Does all sql injection vuln. leads to exploitation?

gueb at owasp.org gueb at owasp.org
Thu Apr 2 23:04:55 EDT 2009


Do you think that all sql injections vulnerabilities are exploitable?
Do you have an
example of a non-exploitable sql injection vulnerability?

Cracking a password in brute force mode is only a question of time (in
general), but:

exploiting a sql injection, is it also a question of time, so when you
find one, all time spent is an investment that will lead to success?


More information about the Owasp-montreal mailing list