
Blind SQL Injection on █████ via URI Path

Critical
Mars
Submitted None

Team Summary

Official summary from Mars

Time-based SQL injection is a hacking technique that capitalizes on vulnerabilities in systems interacting with databases. Unlike traditional SQL injection methods that directly manipulate data, this approach leverages delays in database processing to extract information. Attackers insert malicious SQL statements into input fields of web applications lacking sufficient security measures. If successful, these statements execute against the database, and by intentionally causing delays in processing, the attacker can infer information about the database structure or obtain sensitive data based on the application's response time to specific queries.

Reported by stuux

Report Details

Additional information and metadata

State: Closed

Substate: Resolved

Submitted:

Weakness: SQL Injection