I ran the OWASP SQL injection scanner tool on a website’s sign-in page I formerly operated and two vulnerable parameters displayed. The first parameter was “returnURL” and the second one was “isLogin” showing POST DATA: IsLogin=true AND 1=1 —
What does this mean and how do I exploit this for testing purposes and ultimately fix the potential error? Should I use a Kali tool such as MySQL or do you have other suggestions?
Go to Source