During a presentation on new software, Joe pointed out to me that the syntax they used was allowing wildcards of a type that suggested that inputs weren’t being sanitized. With a little poking, we determined that we could execute queries that could be harmful. I brought this up to the IT head that I had previously sought a job from.
Me: I think there could be a security hole in this.
Him: Hm… good observation. I think we have everything left open for now but I’ll make a note to make sure we lock everything back up when we’re done. You know, we’re looking for a security guy.
Me: Good to know, I’ll shoot you my resume, again.
I probably said one word too many.