Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Possible bug in Lab Blind SQL injection with time delays and information retrieval

Luca May 30, 2019 10:40AM UTC

The injection is on TrackingId cookie, but it only works if you inject in a "/filter?category=" page, not in a "/product?productId=" page.
It drove me crazy for a while :)


Luca Chiaverini May 30, 2019 10:53AM UTC
(If it's the wrong place to post, please feel free to delete)

Liam Tai-Hogan Jun 03, 2019 01:38PM UTC Support Center agent

Thanks for making us aware of this issue. We’ll change the solution.


Post Your public answer

Your name
Your email address
Answer