SQL Parameters within long String with VBNET

I am trying to make my server injection proof, and have a log table where I store human readable events. Is it possible to put a SQL parameter within the Logtext string, in order to prevent any malicious input from coming in via the maliciousString? Dim User as String = "busssard" Dim Logtext As String =…

\uD83D\uDCCC keep showing up in code I've inherited. What does this unicode sequence do?

I’ve been reading about code injection using Unicode sequences and have been using a tool from Dotnetsafer to locate sequences in a codebase I’ve inherited. This sequence \uD83D\uDCCC keeps coming up. An example: appears as: [588] __builder5.AddMarkupContent(51, "??"); actual: [588] __builder5.AddMarkupContent(51, "\uD83D\uDCCC"); What is this sequence? Why would the code be injecting it into…