While fuzzing a request for various categories of vulnerabilities, you submit a single quotation mark within each request parameter in turn. One of the results contains an HTTP 500 status code, indicating potential SQL injection. You check the full contents of the message, which are as follows: Microsoft VBScript runtime error ‘800a000d’ Type mismatch: ‘ [string: “’”]’ /scripts/confirmOrder.asp, line 715 Is the application vulnerable?
Already registered? Login
Not Account? Sign up
Enter your email address to reset your password
Back to Login? Click here