A Novel Technique for SQL Injection in PDO's Prepared Statements | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		A Novel Technique for SQL Injection in PDO's Prepared Statements (slcyber.io)
		1 point by donatj 4 months ago \| hide \| past \| favorite \| 1 comment

1oooqooq 4 months ago [–]

only if you're inserting user strings into the statement. meh.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact