[wwww4all]

It’s easy to be armchair sql injection expert and point fingers.

I can guarantee that any system that you’ve worked on has numerous OWASP security bugs. You’ve probably looked at the bugs countless times and never noticed it.

Every software engineer of all levels has overlooked obvious sql injection bugs in their code base. Most likely you’ve added to the bug list.

Software bugs are simple part of any development effort. All major companies, Microsoft, Google, Facebook, etc. has very simple bugs like this in their systems.

That’s why they pay out bug bounties, it’s cheaper for them to add the bug and have some random security researcher find the bugs for them.