1. SQL injection vulnerability in WHERE clause allowing retrieval of hidden data

A simple SQL injection vulnerability. The website lets you filter the items for sale by category
through the category parameter of the URL /filter?category=. Browsing the site shows that filters
such as "Lifestyle" are accepted. User input is not sanitized, so we use SQL injection to expose
all existing items in the table:

  /filter?category=Lifestyle'+OR+1=1--
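
Why the request above returns every item, and how a bound parameter stops it, shown as an added
example that is not part of the original writeup or the lab's own code. The products table, its
released column, the sample rows and the function names are assumptions constructed for illustration.

```python
import sqlite3
from urllib.parse import parse_qs, urlsplit

# Constructed sample data; the table and column names (products, category,
# released) are assumptions, not taken from the lab's real schema.
ROWS = [
    ("Yoga Mat", "Lifestyle", 1),
    ("Scented Candle", "Lifestyle", 1),
    ("Prototype Diffuser", "Lifestyle", 0),   # hidden: not yet released
    ("Gift Card", "Gifts", 1),
    ("Unannounced Hamper", "Gifts", 0),       # hidden: not yet released
]


def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE products (name TEXT, category TEXT, released INTEGER)")
    db.executemany("INSERT INTO products VALUES (?, ?, ?)", ROWS)
    return db


def category_from_url(url):
    """Decode the category parameter the way a web framework would ('+' -> space)."""
    return parse_qs(urlsplit(url).query)["category"][0]


def filter_vulnerable(db, category):
    # Input is pasted into the SQL text, so a quote in it ends the string
    # literal and the rest is parsed as SQL.
    sql = f"SELECT name FROM products WHERE category = '{category}' AND released = 1"
    return [r[0] for r in db.execute(sql)]


def filter_parameterized(db, category):
    # Input is bound as a value; it is only ever compared against the column.
    sql = "SELECT name FROM products WHERE category = ? AND released = 1"
    return [r[0] for r in db.execute(sql, (category,))]


if __name__ == "__main__":
    db = make_db()
    for url in ("/filter?category=Lifestyle", "/filter?category=Lifestyle'+OR+1=1--"):
        value = category_from_url(url)
        print(url)
        print("  vulnerable:   ", filter_vulnerable(db, value))
        print("  parameterized:", filter_parameterized(db, value))
```

In the vulnerable version the trailing -- comments out the rest of the WHERE clause, so the
assumed released filter is dropped along with the category restriction.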


Solution