Real world report PoCs

You can read these real world SQLi PoCs to better understand how the bug is exploited in the real world scenarios

• SQL Injection Vulnerability nutanix by Muhammad Khizer Javed

• Yahoo – Root Access SQL Injection – tw.yahoo.com by Brett Buerhaus

• Multiple vulnerabilities in a WordPress plugin at drive.uber.com by Abood Nour (syndr0me)

• GitHub Enterprise SQL Injection by Orange

• SQL injection in WordPress Plugin Huge IT Video Gallery in Uber by glc

• SQL Injection on sctrack.email.uber.com.cn by Orange Tsai

Reference: https://whoami.securitybreached.org/2019/06/03/guide-getting-started-in-bug-bounty-hunting/