On 10/26/07, Edward Chernenko edwardspec@gmail.com wrote:
> 2 SELECT page_namespace FROM page WHERE page_title=? ORDER BY page_namespace (this list may be written into mysql table).
> User can inflict query by accessing some script common for all queries, which would find query by its number (query_id) and print HTML form on GET (with textfields instead of placeholders) or results on POST.
Permitting anonymous users to scan the page table seems like a pretty good DoS vector for whatever server is being sacrificed for this.
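
One way to vet a stored query's plan before exposing it to anonymous users, as an added example that is not part of the original thread. It uses SQLite as an offline stand-in for MySQL's EXPLAIN; the table layout, the `name_title` and `title_only` indexes, and the function names are assumptions made for illustration.

```python
import sqlite3

# The stored query from the quoted proposal, placeholder included.
QUERY = "SELECT page_namespace FROM page WHERE page_title=? ORDER BY page_namespace"

def build_db(extra_title_index=False):
    """Constructed stand-in for the page table (assumed schema, sample rows)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE page (page_id INTEGER PRIMARY KEY, "
               "page_namespace INTEGER NOT NULL, page_title TEXT NOT NULL)")
    # Assumption: the only index leads with page_namespace, so a lookup
    # by page_title alone cannot seek into it.
    db.execute("CREATE UNIQUE INDEX name_title "
               "ON page (page_namespace, page_title)")
    if extra_title_index:
        # Hypothetical supporting index that lets the lookup seek.
        db.execute("CREATE INDEX title_only ON page (page_title)")
    db.executemany(
        "INSERT INTO page (page_namespace, page_title) VALUES (?, ?)",
        [(ns, f"Title_{i}") for ns in range(4) for i in range(500)])
    return db

def plan(db, title="Title_42"):
    """Return the planner's step descriptions for the stored query."""
    rows = db.execute("EXPLAIN QUERY PLAN " + QUERY, (title,)).fetchall()
    return [row[3] for row in rows]  # 4th column holds the detail text

def safe_to_publish(db):
    """Reject a stored query if any plan step walks every row."""
    return not any(step.startswith("SCAN") for step in plan(db))

if __name__ == "__main__":
    for label, db in (("name_title only", build_db()),
                      ("with title_only", build_db(extra_title_index=True))):
        print(label, plan(db), "publish:", safe_to_publish(db))
```

On MySQL the equivalent check is to read the `type` and `rows` columns of `EXPLAIN` for each stored query before adding it to the public list.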