- Title: SQL injection in viestinta.lahitapiola.fi.
- Reported by: Yasar and Anandakshya.
- Bounty Rewarded: $1,350 and $1,560.
- Web application URL: https://viestinta.lahitapiola.fi.
- Description: LocalTapiola is an insurance company that provides different kinds of life and non-life insurance policies to its customers. With its digital presence and online transaction-based systems, it runs one of the most active programs on HackerOne. LocalTapiola received two very descriptive SQL injection reports that I decided to include in this chapter.
SQL injection by Yasar:
This was a very simple error-based SQL injection in LocalTapiola, which Yasar identified. The URL where the SQL injection was found was as follows: http://viestinta.lahitapiola.fi/webApp/cancel_iltakoulu?regId=478836614&locationId=464559674.
The vulnerable parameter was regId. He simply used sqlmap to exploit the SQL injection after identifying it:
./sqlmap.py -u "http://viestinta.lahitapiola.fi/webApp/cancel_iltakoulu...
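The root cause of an error-based injection like this one is a handler that pastes the raw regId and locationId query-string values into the SQL text, so a malformed value reaches the database parser and produces an error instead of being rejected. The following is an added example, not code from the report or from LocalTapiola: it contrasts such a handler with a hardened one that validates both parameters as integers and binds them with placeholders. The table name, column names and sample row are constructed assumptions.

```python
import sqlite3

# Constructed in-memory stand-in for the registration table behind
# /webApp/cancel_iltakoulu; table, columns and the sample row are assumptions.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE registrations (reg_id INTEGER, location_id INTEGER, status TEXT)")
    conn.execute("INSERT INTO registrations VALUES (478836614, 464559674, 'active')")
    conn.commit()
    return conn

def cancel_vulnerable(conn, reg_id, location_id):
    """Builds the statement by string concatenation: the query-string values
    become part of the SQL text, so a malformed regId is parsed as SQL and
    the database raises an error (the signal an error-based injection uses)."""
    sql = ("UPDATE registrations SET status='cancelled' "
           "WHERE reg_id=" + reg_id + " AND location_id=" + location_id)
    cur = conn.execute(sql)
    conn.commit()
    return cur.rowcount

def cancel_hardened(conn, reg_id, location_id):
    """Rejects anything that is not a plain decimal integer before touching the
    database, then binds the values with placeholders so they are only ever
    treated as data."""
    if not (reg_id.isdigit() and location_id.isdigit()):
        raise ValueError("regId and locationId must be decimal integers")
    cur = conn.execute(
        "UPDATE registrations SET status='cancelled' WHERE reg_id=? AND location_id=?",
        (int(reg_id), int(location_id)))
    conn.commit()
    return cur.rowcount

def probe(handler, reg_id, location_id="464559674"):
    """Runs a handler against a fresh database and classifies the outcome."""
    conn = make_db()
    try:
        return "ok" if handler(conn, reg_id, location_id) == 1 else "no_rows"
    except sqlite3.Error:
        return "db_error"   # database error leaked by the vulnerable handler
    except ValueError:
        return "rejected"   # input refused by validation, never reaches the DB

if __name__ == "__main__":
    # A valid id works in both handlers; a malformed one (stray quote) only
    # produces a database error in the concatenating version.
    for rid in ("478836614", "478836614'"):
        print(rid, probe(cancel_vulnerable, rid), probe(cancel_hardened, rid))
```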