List of all SQL mentioned in the code..
Value | Count | File:Line |
---|---|---|
"SELECT table_schema, table_name, create_time
FROM information_schema.tables WHERE table_schema='{$_DVWA['db_database']}' AND table_name='users' LIMIT 1" | 1 |
|
'UPDATE users SET failed_login = (failed_login + 1) WHERE user = (:user) LIMIT 1;' | 1 |
|
' INSERT INTO `' . $this->config['table'] . '` ( type, data, created, modified ) VALUES ( :type, :data, now(), now() ) ' | 1 |
|
'SELECT * FROM ' . $handle->quote($this->config['table']) . ' where type=?' | 1 |
|
'SELECT created FROM `' . $handle->quote($this->config['table']) . '`' | 1 |
|
"select *something* from the menu" | 1 |
|
'SELECT LOAD_FILE(0x633A5C626F6F742E696E69)' | 1 |
|
'SELECT CHAR(0x66)' | 1 |
|
' SELECT IF(1=1,\'true\',\'false\')' | 1 |
|
'SELECT /*!32302 1/0, */ 1 FROM tablename' | 1 |
|
"delete alert(1)" | 1 |
|
'INSERT INTO guestbook ( comment, name ) VALUES ( :message, :name );' | 1 |
|
'UPDATE users SET last_login = now() WHERE user = (:user) LIMIT 1;' | 1 |
|
' INSERT INTO ' . $this->table . ' ( name, value, page, ip, impact, origin, created ) VALUES ( :name, :value, :page, :ip, :impact, :origin, now() ) ' | 1 |
|
'UPDATE users SET failed_login = "0" WHERE user = (:user) LIMIT 1;' | 1 |
|
'SELECT * FROM users WHERE user = (:user) AND password = (:password) LIMIT 1;' | 1 |
|
'SELECT failed_login, last_login FROM users WHERE user = (:user) LIMIT 1;' | 1 |
|
"SELECT name, comment FROM guestbook" | 1 |
|
"INSERT INTO users VALUES
('1','admin','admin','admin',MD5('password'),'{$baseUrl}admin.jpg'), ('2','Gordon','Brown','gordonb',MD5('abc123'),'{$baseUrl}gordonb.jpg'), ('3','Hack','Me','1337',MD5('charley'),'{$baseUrl}1337.jpg'), ('4','Pablo','Picasso','pablo',MD5('letmein'),'{$baseUrl}pablo.jpg'), ('5','bob','smith','smithy',MD5('password'),'{$baseUrl}smithy.jpg');" | 1 |
|
"INSERT INTO guestbook (comment, name) VALUES('This is a test comment.','admin')" | 1 |
|
"INSERT INTO users VALUES
('1','admin','admin','admin',MD5('password'),'{$avatarUrl}admin.jpg', NOW(), '0'), ('2','Gordon','Brown','gordonb',MD5('abc123'),'{$avatarUrl}gordonb.jpg', NOW(), '0'), ('3','Hack','Me','1337',MD5('charley'),'{$avatarUrl}1337.jpg', NOW(), '0'), ('4','Pablo','Picasso','pablo',MD5('letmein'),'{$avatarUrl}pablo.jpg', NOW(), '0'), ('5','Bob','Smith','smithy',MD5('password'),'{$avatarUrl}smithy.jpg', NOW(), '0');" | 1 |
|
"INSERT INTO guestbook VALUES ('1','This is a test comment.','test');" | 1 |
|
"UPDATE `users` SET password = '$pass_new' WHERE user = '" . dvwaCurrentUser( ) . "' LIMIT 1;" | 1 |
|
'SELECT password FROM users WHERE user = (:user) AND password = (:password) LIMIT 1;' | 2 |
|
"SELECT first_name, last_name FROM users WHERE user_id = '$id' LIMIT 1;" | 2 |
|
'UPDATE users SET password = (:password) WHERE user = (:user);' | 2 |
|
"SELECT COUNT(*) FROM users;" | 2 |
|
"SELECT first_name, last_name FROM users WHERE user_id = $id;" | 2 |
|
"SELECT first_name, last_name FROM users WHERE user_id = '$id';" | 2 |
|
'SELECT first_name, last_name FROM users WHERE user_id = (:id) LIMIT 1;' | 2 |
|
"SELECT * FROM `users` WHERE user='$user' AND password='$pass';" | 2 |
|
"SELECT * FROM `users` WHERE user = '$user' AND password = '$pass';" | 3 |
|
"INSERT INTO guestbook ( comment, name ) VALUES ( '$message', '$name' );" | 3 |
|
"UPDATE `users` SET password = '$pass_new' WHERE user = '" . dvwaCurrentUser( ) . "';" | 5 |
|