1. Web Security Academy
  2. SQL injection
  3. Examining the database
  4. Lab

Lab: SQL injection attack, querying the database type and version on Oracle

This lab contains an SQL injection vulnerability in the product category filter. You can use a UNION attack to retrieve the results from an injected query.

To solve the lab, display the database version string.

Want to track your progress and have a more personalized learning experience? (It's free!)

Sign up Login