1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

site injection through contact form

Discussion in 'BlackHat Lounge' started by nonai, Mar 2, 2015.

  1. nonai

    nonai Power Member

    Joined:
    Oct 10, 2013
    Messages:
    524
    Likes Received:
    64
    if I have a fake contact form on my site (just html form with no php script) is it possible that my site will get hacked through the contact form?
    the html says action="" so there is no php script with it, just the html form.
     
  2. bartosimpsonio

    bartosimpsonio Jr. VIP Jr. VIP Premium Member

    Joined:
    Mar 21, 2013
    Messages:
    12,748
    Likes Received:
    11,414
    Occupation:
    COINZ
    Location:
    BUYAH
    Home Page:
    You can put a html page as the action, just so you don't leave it blank. There is zero risk as HTML pages are simply text that doesn't do anything.
     
    • Thanks Thanks x 1
  3. nirose

    nirose Senior Member

    Joined:
    Oct 24, 2008
    Messages:
    1,020
    Likes Received:
    441
    Location:
    somake.us
    the html page doesn't actually process anything server side, so i'm pretty sure there's no way to harm your site.