SQL Injection Vulnerabilities

This chapter is about SQL injection vulnerability, which is ranked most critical in nature by the OWASP. This chapter contains a detailed description of SQL injection, its types, and its attack vectors, followed by some of the most critical SQL injection cases identified in bug reports. I have analyzed the top six SQL injection reports on Hackerone and listed them by description and details.

We will cover the following topics in this chapter:

• SQL injection
• Types of SQL injection
• Goals of an SQL injection attack
• Uber SQLi
• Grab SQL injection
• Zomato SQL injection
• Localtapiola SQL injection