1. Web Security Academy
  2. SQL injection
  3. UNION attacks
  4. Lab

Lab: SQL injection UNION attack, finding a column containing text


This lab contains an SQL injection vulnerability in the product category filter. The results from the query are returned in the application's response so you can use a UNION attack to retrieve data from other tables. To do this, you need to find a column containing text data.

The lab will provide a random value that you need to make appear within the query results. To solve the lab, perform an SQL injection UNION attack that returns an additional row containing the value provided.