[WEB SECURITY] SQL injection in cookies variable

Sandro Gauci sandro at enablesecurity.com
Sun Aug 28 14:28:48 EDT 2011

Hello 65535,

The following advisory regarding OpenX and the associated demo video
described SQL injection using the cookie:


Any user input (in this case, any part of the HTTP request) can be
used for SQL injection if it is in some way passed to an SQL
statement. As usual, google is indeed your friend - there are various
documented cases of SQL injection through cookies :)

Sandro Gauci
Chief Consultant and Founder of EnableSecurity
Email: sandro at enablesecurity.com
Web: http://enablesecurity.com/
PGP: 514D B10C 8C3C 15BB 2EFD  49EC 7CCD 73C5 0295 F23B

On Sun, Aug 28, 2011 at 2:47 PM, OxFFFF 1336 <0x1336.9 at gmail.com> wrote:
> Hey there,
> I'm doing some researchs concerning SQL injection in cookies variable and I
> want to now if there are previous papers or materials related to this.
> I'll be glad if you can help me with this :)
> Many thanx in advance,
> Cheers
> _______________________________________________
> The Web Security Mailing List
> WebSecurity RSS Feed
> http://www.webappsec.org/rss/websecurity.rss
> Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
> WASC on Twitter
> http://twitter.com/wascupdates
> websecurity at lists.webappsec.org
> http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org

More information about the websecurity mailing list