Collaborate Disseminate
This is my code in phpm I was wondering if there is a way to bypass sql protection, because everything is already blocked.
Is this secure?
$max = 10;
if (isset($_GET[‘max’]) && !is_array($_GET[‘max’]) && $_GET[‘max’]>0)… Continue reading Is sql injection possible here ? or I can consider this as safe? [closed]
I’m trying to check whether or not an injectable parameter I found is actually exploitable in a bug bounty contest my college is holding. The code base is open source so I have access to the exact SQL queries being used.
The issue is this … Continue reading MySQLi On 3 Separate Queries At Once
Hello there is a API that I have but I need that file’s database can you help me?
Here is how the API works.
$apiUrl = "http://example.com/index.php?id=" . $id;
$curl = curl_init($apiUrl); curl_setopt($curl, CURLOPT_RETURNTRANSFE… Continue reading Dumping database from cURL API
I have stumbled across passwords on a MySQL database behind a PHP webapp. Here are some examples.
753a524d56b48d825328ce27
789e0ad30d15
7ba0868c23e0a2
d327e265ca2abcd7c
48276b3d5618850
bffaa9b3ba92ffc3
21614da133d56e72857c
44d2059e642f9733… Continue reading What are password encryption schemes that result in variable length common in MySQL and PHP?
I am getting this error in mysql Server version: 5.0.96-0ubuntu3 –
Error SQL query: Documentation
SELECT * FROM bWAPP.movies UNION ALL SELECT 1 , 2, 3, schema_name FROM information_schema.schemata, 6, 7, 7; LIMIT 0 , 30
MySQL said: Docum… Continue reading sql injection query error in bwapp?
I am working on a desktop application with electron that uses mariadb as database. The database stores sensitive data that should be encrypted in some way. However, I have not found a clear answer as to what would be the best way in my sit… Continue reading MariaDB encryption
I have hosted a MySQL database server on a VPS to connect to a flask web app on the same VPS. It only has users with host as local ip address. Can it be accessed by anyone else remotely, except me? If so, how can I make it more secure.
I d… Continue reading Can my local MySQL server be accessed without permission
I created a basic website that includes a login and signup system. The website uses a mySQL server as the backend to store login information. I want to use Kali Linux to perform a white box test on it as a project for class.
Is this even p… Continue reading Can you perform a penetration test on a web application that is running on local host and using an XAMPP server? [closed]
I have a problem and I’m hoping someone could help with a POC.
In a web application, attacker controlled parameter X is used is used unsanitized in two separate SQL queries within the same function.
The first query is a SELECT statement of… Continue reading Valid SQL Injection Syntax where same vulnerable parameter used in both a SELECT and a UPDATE statement
How does this work – will having a database ruin my computer performance in any way? And I don’t mean anything about security just laptop perofrmance. Thanks for answer.
Continue reading Can I have phpMyAdmin on a 2018 home laptop? [closed]