Page 1 of 1

Command injection

Posted: Thu Oct 20, 2005 7:42 am
by abalfazl
Hello firends

From zend PHP study guide(page 180)


If data being used to construct a command is intended to be
a single argument,there might be character within data that cause it to be interpreted as multiple argumnets instead.


May someone explain about that?

GOOD LUCK!

Posted: Thu Oct 20, 2005 8:22 am
by feyd
we've had multiple threads on injection, particularly SQL injection as that is where a lot of people are vulnerable when they code. Have you read them?