CERT-Polska / Artemis

A modular vulnerability scanner with automatic report generation capabilities.
https://cert.pl/en/posts/2024/01/artemis-security-scanner/
BSD 3-Clause "New" or "Revised" License

Improve artemis/modules/data/nuclei_templates_custom/error-based-sql-injection.yaml #899

Open kazet opened 4 months ago

kazet commented 4 months ago

Currently, this Nuclei template detects SQL errors.

We should ensure that on a page without injections no error appears, to filter out false positives where an error always appears, so there's no SQLi present.

Avoid duplicating the huge list of detected strings.

- Detect also: "Uncaught Error: Call to a member function fetch_assoc() on bool"
- Inject also ", not only '
- Bonus points: detect time-based SQL injection

kazet commented 3 months ago

Sure! Let's assume you have a PHP site that always (regardless of the parameters) runs an incorrect SQL query and prints a SQL error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'id = 1' at line 1

kazet commented 3 weeks ago

Detect also HTTP error 500
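The baseline check the issue asks for (an error that also appears without any injected character is not evidence of SQLi), as an added example that is neither Artemis code nor the Nuclei template; the `Response` type, the two-entry pattern list and the sample bodies are constructed here for illustration.

```python
import re
from dataclasses import dataclass

# Two of the markers mentioned in the issue; the real template carries a
# much longer list, which this example does not reproduce.
SQL_ERROR_PATTERNS = [
    re.compile(r"You have an error in your SQL syntax"),
    re.compile(r"Uncaught Error: Call to a member function fetch_assoc\(\) on bool"),
]

# Both quote characters, as the issue requests (not only the single quote).
INJECTION_PAYLOADS = ["'", '"']


@dataclass
class Response:
    status: int  # HTTP status code
    body: str    # response body


def has_sql_error(resp: Response) -> bool:
    """An HTTP 500 or any known SQL error marker counts as an error."""
    if resp.status == 500:
        return True
    return any(p.search(resp.body) for p in SQL_ERROR_PATTERNS)


def injectable_payloads(baseline: Response, injected: dict) -> list:
    """Return the payloads whose response shows an error the baseline lacks.

    baseline: response to the unmodified parameter value
    injected: payload -> response obtained with that payload appended
    A page that errors on every request yields no findings; that is the
    false-positive filter described in the issue.
    """
    if has_sql_error(baseline):
        return []
    return [p for p in INJECTION_PAYLOADS if has_sql_error(injected[p])]


MYSQL_ERR = "You have an error in your SQL syntax; check the manual ..."


def demo_always_errors() -> list:
    """Constructed site from the issue: broken query on every request."""
    always = Response(200, "<pre>" + MYSQL_ERR + "</pre>")
    return injectable_payloads(always, {p: always for p in INJECTION_PAYLOADS})


def demo_vulnerable() -> list:
    """Constructed site that only errors when a quote is appended."""
    clean = Response(200, "<h1>Product 1</h1>")
    return injectable_payloads(clean, {"'": Response(500, ""),
                                       '"': Response(200, MYSQL_ERR)})
```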