A manual SQL Injection bypass for WAF was shared in a tweet. The payload used to bypass the WAF is 'AND+0+/*!50000UNION*/+/*!50000SELECT*/+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21–+-. This bypass method targets the UNION SELECT statement. More technical details can be found in the tweet: https://t.co/Rkww4Q0i89
For more details, check out the original tweet here: https://twitter.com/iamunixtz/status/1789045500131320170