Collaborate Disseminate
I have hosted a MySQL database server on a VPS to connect to a flask web app on the same VPS. It only has users with host as local ip address. Can it be accessed by anyone else remotely, except me? If so, how can I make it more secure.
I d… Continue reading Can my local MySQL server be accessed without permission
I created a basic website that includes a login and signup system. The website uses a mySQL server as the backend to store login information. I want to use Kali Linux to perform a white box test on it as a project for class.
Is this even p… Continue reading Can you perform a penetration test on a web application that is running on local host and using an XAMPP server? [closed]
I have a problem and I’m hoping someone could help with a POC.
In a web application, attacker controlled parameter X is used is used unsanitized in two separate SQL queries within the same function.
The first query is a SELECT statement of… Continue reading Valid SQL Injection Syntax where same vulnerable parameter used in both a SELECT and a UPDATE statement
How does this work – will having a database ruin my computer performance in any way? And I don’t mean anything about security just laptop perofrmance. Thanks for answer.
Continue reading Can I have phpMyAdmin on a 2018 home laptop? [closed]
I’m designing an app that receives sensitive data input from a user and that data needs to be saved securely in a database.
As far as I understand it needs asymmetric encryption but since this app has a login to authenticate. I need this p… Continue reading store strings in db with asymmetric encryption for a python app keeping the data secure
I am getting the occasional message from our Fortigate Fortinet firewall, indicating that there is a yaSSL.Buffer.Overflow attack. The log from the Fortinet is:
Description: Subject: attack:MySQL.yaSSL.Buffer.Overflow
Device: cid7543-chi-… Continue reading Need help deciphering these logs regarding YASSL attack on MySQL
I have deployed HashiCorp Vault in a Linux VM, and I want it to connect to an instance of MySQL database running on my host machine.
In my database (host machine IP 100.101.102.103), I have created a user especially for this purpose:
CREAT… Continue reading Unsupported operation when trying to remotely create new MySQL user via HashiCorp Vault [migrated]
If you never set, forgot or need to change your MySQL password, you’re in luck. This article walks you through these steps, so you’ll never be at a loss for that database root user password.
The post How to set, change, and recover your MySQL root pass… Continue reading How to set, change, and recover your MySQL root password
With my team, we have developed a web application that interacts with a MySQL Database that stores quite a lot of information. The application and database runs only in our internal networks and won’t be accessible through Internet.
Around… Continue reading Should I encrypt database data
This is the code:
$stmt = $db->prepare("SELECT DISTINCT * FROM kurssit WHERE BINARY id=? AND BINARY avain=?");
$stmt->bind_param("is", $kurssi, $avain);
// prepare and bind
$kurssi = $_POST["kurssi"];
$a… Continue reading Why can I not sql inject this piece of code?