AJAX SQL Injection

How do check if AJAx request are vulnerables

- Go in Inspector mode and intercept the request (network)
- Copy the request has has Curl and convert it into python
- Add the python code in a code editor (edit the cookies and value STRING --> Value)
- Add a IF statment ---> if response.status_code = 500
                                               print(response.text)
- Run the request and try to find some 500 erros (normaly mean a sql error)

Usefull video ---> https://www.youtube.com/watch?v=IVHX9jDrI0o (opens in a new tab) Usefull tool ---> https://curlconverter.com/ (opens in a new tab)

Cheat Sheet ---> https://www.invicti.com/blog/web-security/sql-injection-cheat-sheet/ (opens in a new tab)

Cvss