File tree Expand file tree Collapse file tree 1 file changed +7
-3
lines changed Expand file tree Collapse file tree 1 file changed +7
-3
lines changed Original file line number Diff line number Diff line change 1- # Hands-on Express SQLi
1+ # SQL injection with Express and sqlite
22
33This application is a demonstration prototype just to show how to perform SQLi attack.
44
55## Setting-up
66
77### Deploy on heroku
88
9- [ ![ Deploy] ( https://www.herokucdn.com/deploy/button.svg )] ( https://heroku.com/deploy?template=https://github.com/0xdbe/Hands-on-Express-SQLi )
9+ [ ![ Deploy] ( https://www.herokucdn.com/deploy/button.svg )] ( https://heroku.com/deploy?template=https://github.com/0xdbe-appsec/sqli-express-sqlite )
1010
1111### Deploy on your host
1212
@@ -50,4 +50,8 @@ Open http://localhost:3000/ and log in with:
5050SELECT name FROM user where username = 'admin' --' and password = 'a'
5151```
5252
53- You are now log in as "Admin",
53+ You are now log in as "Admin"
54+
55+ ### Fix it
56+
57+ use prepared statement
You can’t perform that action at this time.
0 commit comments