Demo: Exploiting a Blind XSS & Second Order SQL Injection

Category: Web Security Readings - Last Updated: Thu, 11 May 2017 - by Robert Abela

Watch the Tech Segment from Paul’s Security Weekly show #512 for a live demo of how to exploit a Blind Cross-site Scripting (XSS) and a Second Order SQL Injection vulnerability.

The demos were delivered by our CEO Ferruh Mavituna. During the demos, Ferruh also explains all the technical details of how these vulnerabilities work and demonstrates how malicious hackers can exploit them to exfiltrate sensitive data from the vulnerable web application.


Keep up with the latest web security
content with weekly updates.