Talk:OpenLayers Dynamic KML

From OpenStreetMap Wiki
Jump to: navigation, search

SQL Injection

This script seems to be a prime target for SQL injection attacks. There are a few parameters that are taken from the URL and put into the SQL query string without any form of checking. This is bound to go wrong somewhere...

sybren (talk) 06:46, 13 May 2014 (UTC)