
Untitled

a guest Oct 13th, 2019 133 Never
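dork: filetype:env APP_ENV

// Vulnerable: $name is interpolated straight into the SQL string, so the
// "OR 1=1" becomes part of the query and every row in cats is returned.
Route::get('sql-injection-vulnerable', function() {
    $name = "'Bobby' OR 1=1";
    return DB::select(
        DB::raw("SELECT * FROM cats WHERE name = $name"));
});

// Not vulnerable: the ? placeholder is bound as a parameter, so the whole
// string is compared as a literal name value. The bindings array must be
// passed to DB::select(); DB::raw() takes only the expression and would
// leave the placeholder unbound.
Route::get('sql-injection-not-vulnerable', function() {
    $name = "'Bobby' OR 1=1";
    return DB::select("SELECT * FROM cats WHERE name = ?", [$name]);
});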