Once found someone sending a SQL query from JavaScript to an API for execution on the server. Yes, they wrote the query on the frontend.
(Yes, I did try to do a little poking around, but not enough to mess with anything! And yeah, you could do whatever queries you wanted. Nothing was escaped, either.)
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Once found someone sending a SQL query from JavaScript to an API for execution on the server. Yes, they wrote the query on the frontend.
(Yes, I did try to do a little poking around, but not enough to mess with anything! And yeah, you could do whatever queries you wanted. Nothing was escaped, either.)