You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on May 18, 2021. It is now read-only.
As I'm saying in the title, if you inject a malformed sql injection that makes to crash the PHP process, on the URL http://domain.com/product/view?id=81 and the param 'id', it will cotinuously crash on every Home page load.
I had to delete cookies to be able to visit the home after the bad injection because I was crashing just loading the Home.
A solution is to store products that by its query returned true, not only all the data in the id param requested, because it saves the malformed sql injection that belongs to the learning process.
As I'm saying in the title, if you inject a malformed sql injection that makes to crash the PHP process, on the URL http://domain.com/product/view?id=81 and the param 'id', it will cotinuously crash on every Home page load.
I had to delete cookies to be able to visit the home after the bad injection because I was crashing just loading the Home.
A solution is to store products that by its query returned true, not only all the data in the id param requested, because it saves the malformed sql injection that belongs to the learning process.
For example: http://vuln2.devo.com/product/view?id=81' and 1=1
without comment at the end
The text was updated successfully, but these errors were encountered: