You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 Today 00:54:19
- sun skin only
- Member
- Registered: 2025-10-01
- Posts: 8
Username Sanitisation
TL;DR
Is the site (https://dev1galaxy.org) vulnerable to sql injection via the username field (register and login) due to allowing whitespace (check my name)?
LONG
Seached the forum quickly and found nothing on this. Referencing TL;DR, since most sites i see,don't allow whitespace and people use _ and
- instead. I'm not someone that has skills myself but i learn about cyber security for the sake of general knowledge. The reason i'm writing this is
for personal peace of mind, not to say anyone's incompetent since there's anti-bot measures and such, but if this was an oversight then i'd rather say something
than not. Else thank you for the constant maintainance of the site. Also if you maintain Devuan.org, thanx for the lack of cookies and JS.
Offline
#2 Today 01:36:26
- ralph.ronnquist
- Administrator
- From: Battery Point, Tasmania, AUS
- Registered: 2016-11-30
- Posts: 1,548
Re: Username Sanitisation
When you try it, please don't do something destructive in case you succeed.
Offline
Pages: 1
