Jumping from SQL injection to RCE
Published in
2 min readMar 26, 2021
In this case we are going to take advantage of a sql injection error to be able to “jump” to other vulnerabilities.
For this we have to have write permissions and know the path where the server is mounted, they can do it with an @@datadir, in this case I have the path on the error screen
After having the path, what we are going to do is inject the shell, in this case it is a…