Burp Suite Enterprise Edition is now available in our secure Cloud  –  Learn more

Lab: SQL injection vulnerability in WHERE clause allowing retrieval of hidden data


This lab contains a SQL injection vulnerability in the product category filter. When the user selects a category, the application carries out a SQL query like the following:

SELECT * FROM products WHERE category = 'Gifts' AND released = 1

To solve the lab, perform a SQL injection attack that causes the application to display one or more unreleased products.


  1. Use Burp Suite to intercept and modify the request that sets the product category filter.
  2. Modify the category parameter, giving it the value '+OR+1=1--
  3. Submit the request, and verify that the response now contains one or more unreleased products.

Community solutions

Rana Khalil
Michael Sommer