...
Likewise, an attacker could supply a string for <PASSWORD> such as:
| Code Block |
|---|
' orOR '1'='1 |
This would yield the following command:
...
describes a vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16. When a | ||||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="b0b3c407594dacba-f198549b-4ad4438c-af32bc78-8f8757d54e1ea71ef55c3d37"><ac:plain-text-body><![CDATA[ | [ISO/IEC TR 24772:2010 | http://www.aitcnet.org/isai/] | "Injection [RST]" | ]]></ac:plain-text-body></ac:structured-macro> |
CWE-116, "Improper Encoding or Escaping of Output" |
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="c0fb65509218e41f-39c16b55-4e0c424f-a6659a09-eac74657f34569b3548d123c"><ac:plain-text-body><![CDATA[ | [[OWASP 2005 | AA. Bibliography#OWASP 05]] |
| ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="d939d8ac68c55662-6d4d34bb-4bb04a24-adf1a9ef-39ce8351de455667399f8677"><ac:plain-text-body><![CDATA[ | [[OWASP 2007 | AA. Bibliography#OWASP 07]] |
| ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="11d7840282b281b3-1494a701-4b3e4314-9c45b6ef-e95586f491289f75f6d179fc"><ac:plain-text-body><![CDATA[ | [[OWASP 2008 | AA. Bibliography#OWASP 08]] | [Testing for XML Injection (OWASP-DV-008) | https://www.owasp.org/index.php/Testing_for_XML_Injection_%28OWASP-DV-008%29] | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="4a9e5d34c9d692ca-e93e691c-44a04399-a4bd96ae-a2d24d43c4fb7f4679984e36"><ac:plain-text-body><![CDATA[ | [[W3C 2008 | AA. Bibliography#W3C 08]] | 4.4.3 Included If Validating | ]]></ac:plain-text-body></ac:structured-macro> |
...