SQLi-labs: Lesson 50 & 52

Order by stacked injection.

Source code: mysqli_multi_query($con1, $sql)

mysqli_multi_query() allows executing multiple queries. In previous lessons, the source code is mysql_query($sql), which only allows one query.

Queries are similar to Lesson 38-45, e.g. ?sort=1;create table less50 like users;

SQLi-labs: Lesson 51 & 53

Order by stacked injection - single quote

Query: ?sort=1';drop table less50;--+

results matching ""

    No results matching ""