Hi -
just did a scan on Hackersafe & the message below was returned. Looks like a shopperID cookie problem according to tech support. Does anybody know how to fix this? It is a level 4 so Hackersafe will cut us off with their certification unless it gets fixed.
Thanks,
"MS SQL Database Error Disclosure Vulnerability" was discovered on my
system.
The only thing it says is...
Remove the following characters from any
user or dynamic database input:
(examples in VBScript)
# ' (escape the
single quote) input = replace( input, "'", "''" )
# " (double quote) input =
replace( input, """", "" )
# ) (close parenthesis) input = replace( input,
")", "" )
# ( (open parenthesis) input = replace( input, "(", "" )
# ;
(semi-colon) input = replace( input, ";", "" )
# - (dash) input = replace(
input, "-", "" )
# | (pipe) input = replace( input, "|", "" )