Injection


Injection vulnerabilities can introduce a high level of risk by modifying the commands or queries used by the systems that our applications depend on. Whether they involve SQL, file paths, HTTP headers, or even git commands, injection vulnerabilities usually fetch a large bounty.

Given our heavy usage of Ruby on Rails, you may want to peruse their security guide’s section on SQL injection.

More about injection vulnerabilities from OWASP’s Top 10:

Injection flaws occur when an application sends untrusted data to an interpreter. Injection flaws are very prevalent, particularly in legacy code. They are often found in SQL, LDAP, Xpath, or NoSQL queries; OS commands; XML parsers, SMTP Headers, program arguments, etc. Injection flaws are easy to discover when examining code, but frequently hard to discover via testing. Scanners and fuzzers can help attackers find injection flaws.

Recently collected Injection bounties:

1. joernchen (joernchen), 10000 pts: Argument injection when cloning Git submodules
2. staaldraad (Etienne Stalmans), 20000 pts: RCE in GitHub Pages when building with submodules
3. zhuowei (@zhuowei), 5000 pts: GitHub Desktop remote code execution
4. kyprizel (kyprizel), 500 pts: HTTP header injection in Git proxy
5. orangetw (Orange Tsai), 5000 pts: SQL Injection in GitHub Enterprise