Input validation

User input can be dangerous.

It is very common that application doesn't sanitize the user input before processing which leads to many types of attacks.

In case of DVTA:

SQL injection leading to authentication bypass.
CSV injection.

Check this article for more detail explanation.

Whenever you get a chance to intercat with the application always pay close attention to inout fields you never know how and where these inputs will be used. You can totally bring your web hacking knowledge in place in this case.

You can check for various Injection attacks like SQL, nosql, command, XSS etc.

PreviousInsecure Data storage NextDLL hijacking

Last updated 2 years ago