Tag: sql-injection
All the articles with the tag "sql-injection".
-
Second-Order SQL Injection: When Trusted Data Turns Hostile
How a crafted display name stored through a product review becomes a SQL injection payload when an admin filters reviews on the moderation panel.
-
SQL Injection via X-Forwarded-For Header: Exploiting IP Tracking
Exploiting a SQL injection vulnerability in OopsSec Store's visitor tracking by injecting malicious payloads through the X-Forwarded-For HTTP header.
-
SQL Injection: From Dropdown to Database Dump
How a simple order status filter can be exploited to extract every user's credentials from the database.
