1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

site injection through contact form

Discussion in 'BlackHat Lounge' started by nonai, Mar 2, 2015.

  1. nonai

    nonai Power Member

    Joined:
    Oct 10, 2013
    Messages:
    524
    Likes Received:
    64
    if I have a fake contact form on my site (just html form with no php script) is it possible that my site will get hacked through the contact form?
    the html says action="" so there is no php script with it, just the html form.
     
  2. bartosimpsonio

    bartosimpsonio Jr. VIP Jr. VIP Premium Member

    Joined:
    Mar 21, 2013
    Messages:
    12,081
    Likes Received:
    10,845
    Occupation:
    WHEREZ MA
    Location:
    BITCOINS AT?
    Home Page:
    You can put a html page as the action, just so you don't leave it blank. There is zero risk as HTML pages are simply text that doesn't do anything.
     
    • Thanks Thanks x 1
  3. nirose

    nirose Senior Member

    Joined:
    Oct 24, 2008
    Messages:
    1,008
    Likes Received:
    440
    Location:
    somake.us
    the html page doesn't actually process anything server side, so i'm pretty sure there's no way to harm your site.