SQL Command Insertion & Execution in Visual FoxPro

From: Franklin DeMatto (franklin.lists@qDefense.com)
Date: 08/07/02 

Date: Wed, 07 Aug 2002 14:01:00 -0400
To: vuln-dev@securityfocus.com
From: Franklin DeMatto <franklin.lists@qDefense.com>

Shell commands can be executed through insertion in a Jet Database through
|shell("cmd...:)| and in SQL Server through xp_cmdshell

Can they be done in Visual FoxPro? How?

Franklin DeMatto
Senior Analyst, qDefense Penetration Testing
http://qDefense.com
qDefense: Making Security Accessible

Relevant Pages

  • [NT] FoxPro ODBC Driver Buffer Overflow via SQL OpenDataSource()
    ... OpenDataSource function in Microsoft SQL Server when we are connecting to ... "Microsoft Visual FoxPro Driver". ... we can overwrite EIP register with any value. ... SELECT * FROM OpenDataSource('MSDASQL','Driver=Microsoft Visual FoxPro ...
    (Securiteam)
  • Re: Upsize no longer transfers "Required" fields to Not "Allow Nulls"
    ... I'd not bother if the "required" field in Jet database is changed to "Allow ... Since Jet database and SQL Server are two different type ... So, it almost always necessary, after the upsizing, ... I have been working on upsizing an Access 2000 data structure to SQL ...
    (microsoft.public.access.adp.sqlserver)
  • RE: Update Conflict
    ... Microsoft SQL Server 7.0 or later versions and in Visual FoxPro ... record which has the update conflict issue, ...
    (microsoft.public.fox.helpwanted)
  • Re: Data insertion too too slow...
    ... create table srchPool(tid int primary key, taid int, s tynyint, uid ... The above insertion query TOOK about 2000ms to execute, too too slow, ... Books Online for SQL Server 2005 athttp://www.microsoft.com/technet/prodtechnol/sql/2005/downloads/books ... ...
    (comp.databases.ms-sqlserver)
  • Freelance ASP.NET Programmer Looking for work
    ... SQL Server ... Windows API ... Web Services and Windows Services ... Visual Foxpro / Foxpro ...
    (microsoft.public.dotnet.languages.csharp)