Cobalt Crowdsourced Application Pentest

Cobalt Vulnerability Wiki


V5 - Validation/Sanitization

Blind SQL injection

POC

Send one of the following requests and check for a delay in the response:

https://website/?id=1-sleep(5)
https://website/?id=1-benchmark(1000000000,1-1)

After confirming the SQL injection, save the request in a file named test.req and pass that file to sqlmap.
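The delay appears because the id value is parsed as part of the SQL statement. The following added example (not part of the original wiki entry) contrasts a concatenated query with a validated, parameterized one. SQLite with a stub `sleep` function stands in for the MySQL target, and the table and function names are assumptions made for the demo.

```python
import sqlite3

# Constructed demo: SQLite stands in for a MySQL back end. SQLite has no
# SLEEP(), so a stub is registered that records calls instead of delaying.
sleep_calls = []

def _fake_sleep(seconds):
    sleep_calls.append(seconds)
    return 0  # MySQL's SLEEP() returns 0 on normal completion

def make_db():
    db = sqlite3.connect(":memory:")
    db.create_function("sleep", 1, _fake_sleep)
    db.execute("CREATE TABLE items (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO items VALUES (?, ?)", [(1, "alpha"), (2, "beta")])
    return db

def lookup_vulnerable(db, raw_id):
    # The request value is concatenated into the statement, so the database
    # parses "1-sleep(5)" as an expression and executes the function call.
    return db.execute("SELECT name FROM items WHERE id = " + raw_id).fetchall()

def lookup_hardened(db, raw_id):
    # Validation: the parameter must be a plain decimal integer.
    if not (raw_id.isascii() and raw_id.isdigit()):
        raise ValueError("id must be a non-negative integer")
    # Parameterization: the value is bound as data, never parsed as SQL.
    return db.execute("SELECT name FROM items WHERE id = ?", (int(raw_id),)).fetchall()

def demo():
    db = make_db()
    payload = "1-sleep(5)"  # value of id in the first POC URL
    sleep_calls.clear()
    vulnerable_rows = lookup_vulnerable(db, payload)
    calls_vulnerable = len(sleep_calls)
    sleep_calls.clear()
    try:
        lookup_hardened(db, payload)
        rejected = False
    except ValueError:
        rejected = True
    # Binding alone, without validation: the payload is compared as text.
    bound_rows = db.execute("SELECT name FROM items WHERE id = ?", (payload,)).fetchall()
    return vulnerable_rows, calls_vulnerable, rejected, bound_rows, len(sleep_calls), lookup_hardened(db, "1")

if __name__ == "__main__":
    print(demo())
```
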

Impact

High

Likelihood

High