Injection Type
Operators
SQL Injection
' , ; -- /* */
'
,
;
--
/* */
Command Injection
; &&
&&
LDAP Injection
* ( ) & |
*
(
)
&
|
XPath Injection
' or and not substring concat count
or
and
not
substring
concat
count
OS Command Injection
; & |
Code Injection
' ; -- /* */ $() ${} #{} %{} ^
$()
${}
#{}
%{}
^
Directory Traversal/File Path Traversal
../ ..\\ %00
../
..\\
%00
Object Injection
XQuery Injection
' ; -- /* */
Shellcode Injection
\x \u %u %n
\x
\u
%u
%n
Header Injection
\r %0d %0a %09
\r
%0d
%0a
%09
Last updated 1 year ago
