N$ 🍥 on Twitter: "Blind #SQLInjection on #GraphQL The API accepts queries for user "gender" data and accepts 3 keywords "M,F,NA", I found the parader "xxxkeyword_xx_xx" is vulnerable to blind-SQL injection attacks
This Voucher entitles the bearer to up to £{{balance}} towards any of our foraging courses.
Index of /uploads/observatorio
Recherche - filtré par : 0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z - Page : 2 - Musée Albert Kahn