CLIENT-SIDE
COMMON OPERATIONS BY INJECTION TYPES
SQL Injection
' , ; -- /* */
Command Injection
; &&
LDAP Injection
* ( ) & |
XPath Injection
' or and not substring concat count
OS Command Injection
; & |
Code Injection
' ; -- /* */ $() ${} #{} %{} ^
Directory Traversal/File Path Traversal
../ ..\\ %00
Object Injection
; & |
XQuery Injection
' ; -- /* */
Shellcode Injection
\x \u %u %n
Header Injection
\r %0d %0a %09
Last updated