Hacker News new | past | comments | ask | show | jobs | submit login

or load-bearing CGI and perl...

(perl's OK, CGI had a lot more server side injection risk from what I remember)




CGI as in "Common Gateway Interface" or CGI.pm?

If the former, the injection vulnerability would be in the script talking to the server/database via CGI, rather than in CGI itself.

If the latter I don't remember any major unpatched vulnerabilities in CGI.pm, but it was epically inefficient.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: