Unrestricted File Upload -> Bypass Unrestricted File Upload allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product’s environme...

Unrestricted File Upload Unrestricted File Upload allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product’s environment. Exploita...

Server-side request forgery (SSRF) Server-side request forgery (also known as SSRF) is a web security vulnerability that allows an attacker to induce the server-side application to make requests t...

Blind Sql Injection -> Time Based Detection This webapp will take in user supplied input, search for a movie in a database and then notify the user whether or not the movie exists. Let’s su...

Sql Injection With Sqlmap Sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. Exploit...

Sql Injection -> Authentication Bypass SQL injection is a technique used to exploit user data through web page inputs by injecting SQL commands as statements. If a login form is vulnerable to s...

In-band Sql Injection In-band SQL Injection is the most common and easy-to-exploit of SQL Injection attacks. In-band SQL Injection occurs when an attacker is able to use the same communication cha...

Blind Sql Injection -> Boolean Based Boolean-based SQL Injection is an inferential SQL Injection technique that relies on sending an SQL query to the database which forces the application to re...

SMTP header injection SMTP header injection vulnerabilities arise when user input is placed into email headers without adequate sanitization, allowing an attacker to inject additional headers with ...

Stored Html Injection Unlike reflected HTML injection, Stored HTML injection allows the injection of certain HTML tags, which remain permanently inside the web-applications. Exploitation The w...