-
### Describe the bug
I tested ZAP with 41 test cases, and from these, ZAP incorrectly issued 9 SQL Injection warnings. My test suite included cases that actually involved SQL Injections as well as ca…
-
```
What steps will reproduce the problem?
1. Pick either scanner or crawler resource, and attempt to scan some URL with
an added apostrophe character, say http://test123.com/'
2. webvulscan tool wil…
```
-
Mod security blocks a valid request having
9--aB7mnS7GdA3IQ
ModSecurity: Access denied with code 403 (phase 2). detected SQLi using libinjection. [file "/etc/nginx/owasp-modsecurity-crs/rules/REQ…
-
the wiki says that one can place payloads into "switch1/xss.txt" and that it can be called by saying:
Q switch1/xss.txt
However in practice, I cannot get this to function. I have even created a sc…
-
Detection of issues in Ruby files is not working when running the JS version of the extension. This occurs both when running the extension on Mac in JS mode and when using the extension on Windows.
…
-
I have created bchecks for detecting sqli inj, but it seems to be appending the payload only on the GET parameters.
```
metadata:
    language: v1-beta
    name: "SQL Inj POST"
    description: …
```
sA74n updated
2 months ago
-
please help me
not running sqli-hunter
send request and log:
└─$ sudo ruby bin/sqli-hunter.rb
[sudo] password for kernel:
/var/lib/gems/3.0.0/gems/bundler-2.1.4/lib/bundler/spec_set.rb:86…
-
SQL injection in School Management System 1.0 allows remote attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries…
-
### Environment
```
npmPackages:
next: 14.2.3 => 14.2.3
next-auth: ^4.24.7 => 4.24.7
react: ^18 => 18.3.1
```
### Reproduction URL
https://github.com/Girgetto/next-auth-e…
-
Add a page with SQL Injectable session cookies. Dump content with Blind SQL Injection
AvalZ updated
6 years ago