Questions tagged [injection]
Inserting malicious content, usually code (such as SQL or JavaScript), into a vulnerable application. Use this tag only if no more specific injection tag is available (see tag wiki).
437 questions
2 votes
1 answer
78 views
Jinja2: safe from XSS/SSTI if using select_autoescape and context dictionary?
In a FlaskRestX API for an e-commerce site, I use jinja2 to generate an HTML template (to create a PDF purchase receipt). After reading the docs, and asking various AI models, I am still not convinced ...
1 vote
0 answers
61 views
Web Server Generic Cookie Injection
After running a Nessus scan, one of its plugins checks for cookie injection called "Web Server Generic Cookie Injection" (https://www.tenable.com/plugins/nessus/44135) The scan shows that ...
1 vote
0 answers
108 views
XSS javascript does not execute (bug bounty)
I am doing a bug bounty and I found an XSS injection point. However, most tags are filtered and I have been getting no results in executing JS. I can do whatever HTML I want, though. Here are some ...
5 votes
3 answers
1k views
Are these bash lines (handling untrusted user input) vulnerable to command injection?
If $1 contains untrusted user input, for example $(whoami), are any of the following bash examples vulnerable to command injection? I'm having issues clearly understanding this behavior in Bash. Also, ...
1 vote
1 answer
366 views
How does hex-encoded prompt injection work to bypass protections in LLMs (i.e. ChatGPT)?
Recent reports describe how a new prompt injection technique uses hex encoding to bypass the internal content moderation safeguards in language models like ChatGPT-4o, allowing them to generate ...
3 votes
2 answers
2k views
Preventing CSV Injection
I am creating an application that takes information from another system and writes reports in CSV format. I am trying to mitigate CSV Injection vulnerabilities on it. I have done some research and I ...
1 vote
0 answers
172 views
WordPress Site Hacked to redirect stripe.js offsite for credit card skimming - Can't Find The Source
We are experiencing an issue on our WordPress site running WooCommerce, for the second time this year, where a hacker is injecting some kind of script that is redirecting the stripe.js code from its ...
3 votes
2 answers
251 views
Is this code vulnerable to injection?
I'm reviewing code which apparently ignores all security standards but doesn't seem to be exploitable due to its peculiar construction. The first stage is a Java Spring application and the name ...
7 votes
1 answer
2k views
Securing Transactional Email: User Input Escaping for an email subject
In our ongoing efforts to ensure secure transactional email delivery, we prioritize user input escaping. This practice mitigates potential vulnerabilities like HTML injection attacks. We leverage the ...
2 votes
1 answer
522 views
sqlmap will not save half dumped data in CSV File?
Is there any way to save half-dumped output in a CSV file or in table format in sqlmap? Look at the image below for better understanding. The target is boolean-based blind injection vulnerable. For sure, this ...
1 vote
1 answer
98 views
Command Injection in URLs. Are response codes foolproof indicator of true/false positive?
Take this HTTP request as an example. GET /directory/blahblah/ping%20interact.sh Say this request receives any 3xx, 4xx, 5xx HTTP response code. Is it likely or even possible that a backend web server ...
1 vote
1 answer
182 views
Library to securely expose query language to end user?
I have a DB that I would like to expose to end users for flexible search through their data. Currently using Elastic, but not tied to that: I can internally transform the data in any way to enable ...
0 votes
1 answer
218 views
Can a USB stick be made to automatically hack a system?
I am a cybersecurity professional who is interested in researching the field of injectables. Does a device exist, or can be made, that if plugged into a computer would instantly start attacking the ...
0 votes
1 answer
394 views
CRLF in HTTP/2 header value
I am attempting to inject a carriage-return + newline in an HTTP request header value. My understanding is that this is possible with HTTP/2 and HTTP/3. However, when I send a request with Burp I get ...
1 vote
1 answer
479 views
ScyllaHide DLL Injection
When I try to perform a DLL injection with ScyllaHide in x32/x64 dbg, it crashes for some reason. Is this a bug? Both with stealthy injection and with normal injection, the program crashes when I ...