Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

A website contains the following code which sends a message, user name and password to a server: 1 c form action = message . php

A website contains the following code which sends a message, user name and password to a server: 1c form action=message.php method=get2c pMessage: input type=text name=message//p3c pUsername: input type=text name=user//p4c pPassword: input type=text name=pass//p5c pinput type=submit//p and on the server the message.php page processes this data: 1s ?php 2s $user = $REQUEST[user]; 3s $pass = $REQUEST[pass]; 4s $message = $REQUEST[message]; 5s $result = mysqlimultiquery($con,UPDATE messages SET 6s message=.$message. WHERE user=.$user.); 7s $row = mysqlifetcharray($result); 8s if (!empty($row))9s echo Your message: .$message. has been added; 10s 11s ? Describe four security weaknesses in this website, how they might be exploited and rank them in order of severity. [8 marks]

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image

Step: 3

blur-text-image

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Database Systems Introduction To Databases And Data Warehouses

Authors: Nenad Jukic, Susan Vrbsky, Svetlozar Nestorov

1st Edition

1943153191, 978-1943153190

More Books

Students also viewed these Databases questions

Question

(a) 011 101 011 101

Answered: 1 week ago