 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.150444 |
| Kategorie: | Policy |
| Titel: | GaussDB Kernel: Configuring the Backslash Quote Usage |
| Zusammenfassung: | backslash_quote specifies whether a single quotation mark (') in a string can be;replaced by a backslash quote (\'). The backslash-quote (\') is accepted in;PostgreSQL due to historical reasons. However, this may bring security risks, such;as SQL injection attacks. To prevent such risks, you are advised to set;backslash_quote to deny queries containing the backslash-quote. In addition, you;are advised to use SQL standard method in which a single quotation mark (') is;Repeated (''). |
| Beschreibung: | Summary: backslash_quote specifies whether a single quotation mark (') in a string can be replaced by a backslash quote (\'). The backslash-quote (\') is accepted in PostgreSQL due to historical reasons. However, this may bring security risks, such as SQL injection attacks. To prevent such risks, you are advised to set backslash_quote to deny queries containing the backslash-quote. In addition, you are advised to use SQL standard method in which a single quotation mark (') is Repeated (''). CVSS Score: 0.0 CVSS Vector: AV:L/AC:H/Au:S/C:N/I:N/A:N |
| Copyright | Copyright (C) 2020 Greenbone Networks GmbH |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |