This chapter is about SQL injection vulnerability, which is ranked most critical in nature by the OWASP. This chapter contains a detailed description of SQL injection, its types, and its attack vectors, followed by some of the most critical SQL injection cases identified in bug reports. I have analyzed the top six SQL injection reports on Hackerone and listed them by description and details.
We will cover the following topics in this chapter:
- SQL injection
- Types of SQL injection
- Goals of an SQL injection attack
- Uber SQLi
- Grab SQL injection
- Zomato SQL injection
- Localtapiola SQL injection