In my last post , I showed input validation code that uses RegularExpressionValidators improperly. Thanks to Mathew Grabau and Marius Cristian CONSTANTIN for pointing out that the Page’s IsValid property has not been checked before using the input. As...

A lot of web applications use RegularExpressionValidators for performing input validation [1]. Sometimes these validators are not implemented properly, which can lead to potential flaws. See if you can catch the flaw here:- Code for Default.aspx:- 1:...

Identify as many security issues as you can with this piece of code:- 1: [WebMethod] 2: public string GetEmpName( string empid) 3: { 4: SqlConnection con = new SqlConnection( "server=.;database=test;uid=sa;pwd=PassW2rd12" ); 5: SqlCommand cmd =...