| Advertisement |
SQL Injection in Login.php at Private Program
Program : Private on HackerOne
Method : POST
Affected Path : Login.php
Affected Parameter : username
Bounty : Out Of Scope
-----------------------------------------------
Vulnerable url was
private-site.com/login.php
Tool
Site was Shown to me 2 login Places
( Username & Password)
in Username I've put only ( ' )
Then It shows me this error
This mean This site is vulnerable to SQL injection
Now I just capture the request
and Add it in list.txt file
Then Used SQLMAP to dump the database



nice catch bro
ReplyDeleteThanks Bro
DeleteAwesome bro :)
ReplyDelete