Problem Statement : There is a SQL injection vulnerability in the product category filter. As soon as a user selects a ‘Category’, SQL Query is carried out by the application.
The SQL query : Select * FROM Products where Category=”Gifts” [it can be anything based on the problem statement] and released=1;
Solution : Performing a simple SQL Injection Attack that causes application to display 1 or more unreleased products.
=> Use tools like Burp Suite to modify the request which sets the product category filter.
=> Modify Category to “+OR+1=1–“
=> Submit and check for the unreleased products.