Skip to content

Esri Security Hall of Fame: Cookie Based SQL Injection

In 2017, I discovered a cookie based SQL injection (SQLI) vulnerability on a subdomain belonging to Esri.

Daniel Kelley
Daniel Kelley
Esri Security Hall of Fame: Cookie Based SQL Injection

Table of Contents

In 2017, I discovered a cookie based SQL injection (SQLI) vulnerability on a subdomain belonging to https://www.esri.com/en-us/home.

bug bounty hunting
Daniel Kelley

Daniel Kelley Twitter

I'm a reformed black hat computer hacker that has contributed to over 100 bug bounty programs.

Comments

Related Posts

Members Public

Open Bug Bounty: 3048 Patched Vulnerabilities

Over a 36 month period, I helped remediate 3048 vulnerabilities through Open Bug Bounty.

Open Bug Bounty: 3048 Patched Vulnerabilities
Members Public

BBC Security Hall of Fame: Reflective XSS Vulnerability

In 2018, I discovered a GET-based reflective cross-site-scripting (XSS) vulnerability on the homepage of the BBC.

BBC Security Hall of Fame: Reflective XSS Vulnerability
Members Public

University of Twente Security Hall of Fame: Remote Command Execution (RCE)

In 2018, I discovered a remote command execution (RCE) vulnerability on University of Twente's website.

University of Twente Security Hall of Fame: Remote Command Execution (RCE)