JMIt hariyana university site hacked :)

[Desi-Tek.com]

here is the screenshot

*img505.imageshack.us/img505/7462/hackgd2.jpg
if you r studying there than tell your admin to fix the validation bug

 

[gaurav_indian]

hmmmmm

 

[[xubz]]

Most of the Indian Java/JSP coded sites are susceptible to both Remote Exploit and SQL Injection.

Some even fail to put correct validation for Pagination

 

[Desi-Tek.com]

@[xubz] u must be joking! that site is developed in asp.net and java is much more secure ever heared of PreparedStatement? or jpa
and i am a java developer.

and it is a mistake from developer side i'll not blaim .net or php but it is the mistake from developer they should do proper validation most of the developer in india prefer to do validation just from client side but not server side the reason is server side validation put the extra load on server. The safe way is we should do both client side and server side validation. Client side for normally all the users and server side to protect from hackers!

if you are a java developer than remember never use CreateStatement!
use PreparedStatement or much better persistence api

 

[RCuber]

^^^ its not ASP.NET but Classic ASP . note the extension .asp where as ASP.NET will have a .aspx extension.

 

[Desi-Tek.com]

aspx is a extension of .net 2.0 not .net 1.0 here x = xml

and bug is not in programming language but in the code written by the programmer!

 

[RCuber]

aspx is a extension of .net 2.0 not .net 1.0 here x = xml
and bug is not in programming language but in the code written by the programmer!

I dont know where you read it DesiTech. Please let me know where you read it that extension aspx is for 2.0 and not 1.0.

Also its a programming bug as you said.