Forum Thread: Password Fields Present an Insecure Http://

I found this error on a website who's database I want to assuming this means the login credentials are being sent over HTTP instead of the preferes HTTPS. My question is: does this mean the database is vulnerable to SSLInjection or only that I could theoretically listen in and snatch passwords as they are being entered? Or both?

What do you guys think?

2 Responses

If you could please supply the error, it could help us give you more specific results. Besides that OTW has a database hacking series here

I'm not smart enough for all that. I wasusing webaecurify

Share Your Thoughts

  • Hot
  • Active