SQLi | in URL paths

Disclosed: 2025-03-06 11:54:55 By almuntadhar To mtn_group
Critical
Vulnerability Details
## Summary:

A SQL Injection vulnerability was discovered in the customerId parameter of the URL path: `https://seesure.admyntec.co.za/customerInsurance/newCustomerStep5Pending/customerId/732562/contactPersonId/0/msisdn/`

We can observe this by adding a little quote in the customerId: `https://seesure.admyntec.co.za/customerInsurance/newCustomerStep5Pending/customerId/732562'/contactPersonId/0/msisdn/` which will show the following error, indicating that it's vulnerable to SQL command injection:

{F3987701}

## Steps To Reproduce:

We can use any SQL command here, by just closing the statement (putting `')`) and then using a command, and we also make sure to make the rest a comment. Here is a basic SQL command I used:

{F3987699}

Or we can use tools like SQLmap to get access to the database. Here is the command I used:

```
sqlmap -u "https://seesure.admyntec.co.za/customerInsurance/newCustomerStep5Pending/customerId/732562*/contactPersonId/0/msisdn/" --batch --dbs
```

{F3987702}

## Impact

## Summary:

An attacker can exploit this to dump and download the database, which will give them access to user information.
Report Stats
  • Report ID: 2958619
  • State: Closed
  • Substate: resolved
  • Upvotes: 1
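A remediation sketch for the pattern this report describes, added here as an example; it is not part of the report and not the affected application's code. It parses `/key/value/` path segments like the ones in the reported URL, rejects a non-numeric `customerId`, and binds the value as a query parameter. The table layout, the function names and the use of `sqlite3` as a stand-in database are assumptions.

```python
import sqlite3
from urllib.parse import unquote

def make_db():
    # Constructed schema and row; the real application's schema is not on the page.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT)")
    db.execute("INSERT INTO customers VALUES (732562, 'constructed sample row')")
    return db

def path_params(path, skip=2):
    """Split /controller/action/key/value/... into a dict of key -> value."""
    parts = [unquote(p) for p in path.strip("/").split("/")][skip:]
    if len(parts) % 2:
        parts.append("")  # trailing key with no value, e.g. .../msisdn/
    return dict(zip(parts[0::2], parts[1::2]))

def parse_customer_id(raw):
    """Accept only a short run of ASCII digits; anything else is rejected."""
    if not (raw.isascii() and raw.isdigit() and len(raw) <= 12):
        raise ValueError("customerId must be numeric")
    return int(raw)

def lookup_customer(db, path):
    """Layer 1: validate the path segment. Layer 2: bind it, never concatenate."""
    params = path_params(path)
    customer_id = parse_customer_id(params.get("customerId", ""))
    return db.execute(
        "SELECT id, name FROM customers WHERE id = ?", (customer_id,)
    ).fetchone()

def lookup_bound_only(db, raw):
    """Layer 2 alone: a bound value stays data even if validation is skipped."""
    return db.execute(
        "SELECT id, name FROM customers WHERE id = ?", (raw,)
    ).fetchone()
```

Path segments reach the application the same way query-string values do, so they need the same input validation and parameter binding.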