Closed govardhanrk closed 3 months ago
Following kind of APIs can be used for SQL injection attack
`https://fatplantsmu.ddns.net:5000/get_species_records/?expression=1%27and(select*from(select%2Bsleep(2))a%2F**%2Funion%2F**%2Fselect%2B1)%3D%27&species=lmpd
https://fatplantsmu.ddns.net:5000//get_species_records/?expression=1%27and(select*from(select%2Bsleep(5))a%2F**%2Funion%2F**%2Fselect%2B1)%3D%27&species=lmpd HTTP/1.1`
Need to find and fix such APIs
Following kind of APIs can be used for SQL injection attack
`https://fatplantsmu.ddns.net:5000/get_species_records/?expression=1%27and(select*from(select%2Bsleep(2))a%2F**%2Funion%2F**%2Fselect%2B1)%3D%27&species=lmpd
https://fatplantsmu.ddns.net:5000//get_species_records/?expression=1%27and(select*from(select%2Bsleep(5))a%2F**%2Funion%2F**%2Fselect%2B1)%3D%27&species=lmpd HTTP/1.1`
Need to find and fix such APIs