-
I am experiencing a consistent 403 error across multiple servers when executing SQL queries via cPanel and other database management tools. The issue seems to be related to ModSecurity, as disabling i…
-
For quantitative testing mode, the numbers reported for libInjection rules do not match with the numbers produced by running the reference shell script against Apache + ModSecurity v2.
## Testing 1…
-
**Feature Request**:
Create a wordlist for safe SQL Injection fuzzing that doesn't contain dangerous parameters
**Additional context**:
Logical operators like `' OR 1=1` can be dangerous if succe…
-
When I can't understand what you mean by server ip. wh
i put same of my ip lh
-wh i do not know what is it so i waw by a vps and install php and apache server on it and set ip as -wh
-wp i set ht…
-
I was trying to upload a file to WebWolf, but I got this
![image](https://github.com/WebGoat/WebGoat/assets/59411633/31f053fc-3b46-4121-b38f-340a2f4135ed)
and here is the request and the response,
…
-
### Prerequisites
* [x] Put an X between the brackets on this line if you have done all of the following:
* Checked the FAQs on the message board for common solutions: (TBD)
* Checked tha…
-
**Describe the bug**
Error log entries are truncated if the error log line is long enough. This cuts off information like the rule tags, sometimes even severity etc.
This comes up in the context…
-
## Requirements
- Find out where we use SQL operators, for example in rules 942120 and 942520, and move them to an include file (might be specific to SQLite)
- Review other rules for sqli and fi…
fzipi updated
1 month ago
-
### Describe the bug
I tested ZAP with 41 test cases, and from these, ZAP incorrectly issued 9 SQL Injection warnings. My test suite included cases that actually involved SQL Injections as well as ca…
-
### What side quest or challenge are you solving?
Bug Hunter
### Points
150
### Description
Some text fields like "Organization Name" and "Product Name" are accepting HTML syntax as an input val…