logo

DOJO Challenge #26 Winners!

ID: 77e1fcd9-5580-51c8-8f85-5bd5da617e86

STIX ID: report--77e1fcd9-5580-51c8-8f85-5bd5da617e86

Feed Name: YesWeHack Blog | Cybersecurity Insights and Bug Bounty Trends| RSS Feed

Threat Score
60/100

Date Published: 2023-09-04

Date Updated: 2026-07-04

...
...

**Executive Summary:** This report describes a SQL injection vulnerability in a SQLite INSERT statement where an attacker can craft a payload (using char(true+... ) encoding and ON CONFLICT UPSERT) to update another user’s email and potentially take over accounts; the author provides a PoC, filter-evasion details, and remediation advice in a single comprehensive write-up.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.