Is this Vulnerable ?
2025-1-10 23:30:31 Author: www.reddit.com(查看原文) 阅读量:2 收藏

In a website that asks you of password and username this message pops up if you put in an SQL code in username that is false or has mistakes in it:

I wrote into username: '

Fehlercode 602 : Anfrage an Datenbank fehlgeschlagen Query : SELECT uid, password, username, firstname, lastname, class, admin, mod, blocked, reference_id FROM userdb WHERE username=''' Result : You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''''' at line 1

But if you correct your mistake the output is just "false username or password" And if you put in a sql code into password it will just give the output "false username or password" .

Fehler: Passwort für Benutzer falsch!

Is this website secure or vulnerable? If the website is vulnerable how to fix it and how could someone exploit it.

PS: admin" OR "1" = "1" and other simple SQL injections do not work.


文章来源: https://www.reddit.com/r/HowToHack/comments/1hyi8hk/is_this_vulnerable/
如有侵权请联系:admin#unsafe.sh