{"html":"<iframe src=\"https://hatenablog-parts.com/embed?url=https%3A%2F%2Fblog.hamayanhamayan.com%2Fentry%2F2021%2F02%2F23%2F121941\" title=\"Meet the Union Committee [Union CTF] - \u306f\u307e\u3084\u3093\u306f\u307e\u3084\u3093\u306f\u307e\u3084\u3093\" class=\"embed-card embed-blogcard\" scrolling=\"no\" frameborder=\"0\" style=\"display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;\"></iframe>","description":"/?id=2\u3067\u4eba\u3092\u8868\u793a\u3055\u305b\u3066\u3044\u308b\u3002 /?id=1\u3068\u3059\u308b\u3068admin\u304c\u51fa\u3066\u304f\u308b\u3002 \u3068\u308a\u3042\u3048\u305a/?id='\u3057\u3066\u307f\u308b\u3002 Traceback (most recent call last): File \"unionflaggenerator.py\", line 49, in do_GET cursor.execute(\"SELECT id, name, email FROM users WHERE id=\" + params[\"id\"]) sqlite3.OperationalError: unrecognized token: \"'\" OK. SQL Injection\u304c\u3067\u304d\u305d\u3046\u3002 -1 union\u2026","title":"Meet the Union Committee [Union CTF]","blog_title":"\u306f\u307e\u3084\u3093\u306f\u307e\u3084\u3093\u306f\u307e\u3084\u3093","author_url":"https://blog.hatena.ne.jp/hamayanhamayan/","blog_url":"https://blog.hamayanhamayan.com/","url":"https://blog.hamayanhamayan.com/entry/2021/02/23/121941","published":"2021-02-23 12:19:41","height":"190","type":"rich","categories":["Security"],"version":"1.0","author_name":"hamayanhamayan","image_url":null,"provider_url":"https://hatena.blog","provider_name":"Hatena Blog","width":"100%"}