81
doofy
8y

I've seen native SQL query in JavaScript sent to the backend to execute

Comments
  • 1
    Yeah, reasonable
  • 6
    What's the website? My friend Robert Tables wants to try it out.
  • 0
    @d4ng3r0u5 it is in a closed environment. Outside the local network is not accessible but when you work at there you can do whatever you want
  • 0
    @doofy if there is a network service/daemon running, it's accessible. I think we've figured that out the hard way, unfortunately.
  • 1
    @stable-penguin hmm, you are right! Sadly I cannot fix that now. I leaved that company a while ago :/
    I've told them to fix that when I left, but I don't know they did
  • 1
    @doofy I don't think there is a fix. Otherwise we wouldn't have massive data breaches even after companies and the USA have spent billions $$ on it.. maybe it's just a fact of life. Who knows. #TooDeepForMyMonday!
  • 2
    I've seen that running publicly, but with VBscript. oh, the horror
  • 1
    @doofy once you see it, you can't unsee it! 😂
  • 2
    What could possibly go wrong.
Add Comment