I Earned $3500 and 40 Points for A GraphQL Blind SQL Injection Vulnerability. | by nav1n🍥 | Mar, 2023 | Medium
How I Found Sql Injection on 8x8 , Cengage,Comodo,Automattic,20 company | by Ahmad A Abdulla | Medium
0"XOR(if(now()=sysdate(),sleep(12),0))XOR"Z Recipe by GRLpGpAG - CookEatShare
NS 🍥 on Twitter: "Blind #SQLInjection on #GraphQL The API accepts queries for user "gender" data and accepts 3 keywords "M,F,NA", I found the parader "xxxkeyword_xx_xx" is vulnerable to blind-SQL injection attacks
Test Payload: 'XOR(if(now()=sysdate(),sleep(10),0))OR' · Issue #4091 · sqlmapproject/sqlmap · GitHub
Jawad ar Twitter: "Detect Blind SQL INJECTION with these payloads 0"XOR (if(now()=sysdate(),sleep(12),0))XOR"Z%20=%3E 0'XOR(if(now()=sysdate(),sleep (3),0))XOR'Z '%20WAITFOR
Test Payload: 'XOR(if(now()=sysdate(),sleep(10),0))OR' · Issue #4091 · sqlmapproject/sqlmap · GitHub