How This Page is Vulnerable

This demo page is intentionally vulnerable to SQL Injection, showcasing both:

• Login Bypass – First form
• Second Order Injection – Second form

🔐 Login Form (Form 1)

This form is meant to simulate a basic login system that is vulnerable to SQL Injection.

It uses the following insecure query:

This query directly includes user input without sanitization, allowing attackers to inject SQL code.

🚨 Example Login Injections:

• admin' OR '1'='1 → Logs you in as any user
• admin' AND SLEEP(5) AND '1'='1 → Simulates time-based attacks (MySQL)

💬 Feedback Form (Form 2)

This form demonstrates a Second Order SQL Injection, where the attacker inputs SQL code as “feedback.”

Insecure code looks like:

This allows an attacker to inject arbitrary SQL commands by manipulating the feedback input.

🔥 Example Injection Payload:

This will insert a brand new user into the sqlbad table without any authorization check.

🧠 Summary

• The login form is vulnerable to authentication bypass using injected queries.
• The feedback form allows second-order injection to modify the database structure.
• Both forms fail to use input validation, sanitization, or prepared statements.

⚠️ Reminder: These vulnerabilities are intentional for learning purposes. Never use such code in production!