- dork: filetype:env APP_ENV
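- // Vulnerable: $name is interpolated into the SQL string, so "OR 1=1"
- // becomes part of the query and every row in cats is returned.
- Route::get('sql-injection-vulnerable', function() {
- $name = "'Bobby' OR 1=1";
- return DB::select(
- DB::raw("SELECT * FROM cats WHERE name = $name"));
- });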
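- // Not vulnerable: the value is sent as a bound parameter and is compared
- // as a literal string. The bindings array is the second argument of
- // DB::select(); DB::raw() accepts only the SQL string.
- Route::get('sql-injection-not-vulnerable', function() {
- $name = "'Bobby' OR 1=1";
- return DB::select(
- "SELECT * FROM cats WHERE name = ?", [$name]);
- });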