Avatar
Jurjen de Vries 1y ago

""At this point, we realized we had discovered a very serious problem," Carroll added. "Anyone with basic knowledge of SQL injection could log in to this site and add anyone they wanted to KCM and CASS, allowing themselves to both skip security screening and then access the cockpits of commercial airliners." https://www.theregister.com/2024/08/30/sql_injection_known_crewmember/ 🙈🫣 #security

Reply to this note

Please Login to reply.

Discussion

Avatar
Lostdog 1y ago

It's 2024, how are we still finding sql injection vulnerabilities in any system, let alone airport security 🙈

Avatar
Jurjen de Vries 1y ago

I guess a crawler could find this easily around the web