In this blog post, I’m going to share my experience exploiting a SQL Injection after bypassing WAF, the 403 Status Code, and OTP on a VDP program. I won’t go through my recon process here, as I’ve covered it in a previous XSS writeup, which you can r...
