Skip to main content

XSS Injection Via SQLi Vulnerability

XSS Injection Via SQLi Vulnerability | Juno_okyo's Blog
# XSS Injection Using SQL Injection Vulnerability
# Trick is based on Hexa Decimal Encoding.

[0x01] You got SQLi vulnerability in website

[0x02] Next count the columns. You got 5 columns and column 3 is
[0x03] Next encode your JavaScript to HexaDecimal value.
Eg. <script>alert("Ajith 'n Ajmal")</script> 's hexa decimal value is


[0x04] Insert the hexa decimal value into group_concat function.
That is now use URL,2,group_concat(0xhexadecimalvalue),4,5


Share this with your friends