da_667 on Nostr: gonna ask a stupid question and hope someone out there that does more webapp ...
gonna ask a stupid question and hope someone out there that does more webapp pentesting than I do will have an answer for me.
Is it reasonable to assume that most SQL injections the HTTP URI are going to be parameter-based injections? Is it reasonable to assume that I should expect an "=" sign sometime before the SQL statements are being injected into the parameter?
Is it reasonable to assume that most SQL injections the HTTP URI are going to be parameter-based injections? Is it reasonable to assume that I should expect an "=" sign sometime before the SQL statements are being injected into the parameter?