watto33
commented
4 years ago I have solved this issue and made a pull request to this repo.
Meanwhile, you can get the code at https://github.com/watto33/bWAPP
Closed VinWare closed 8 months ago
watto33
commented
4 years ago I have solved this issue and made a pull request to this repo.
Meanwhile, you can get the code at https://github.com/watto33/bWAPP
When SQL Injection is performed on GET/Search, if an incorrect query is sent, the server says that one argument is needed for mysqli_error. Although I am not sure if this is one of the bugs expressly included, it seems not, because the error is only visible on the server end; the client simply has "Error:" printed out.
Can be checked by URL http://localhost:4000/sqli_1.php?title=%27or1%3D1%3B--&action=search