Zomato: [api.zomato.com] Abusing LocalParams (city_id) to Inject SOLR query
Disclosing it as per the request from @zzzhacker13. This report is identical to 844428 but this one was on a different endpoint. POC - - :v2/red/homepage.json?lat=&lon=&cityid=!dismax+df=cityid86&androidcountry=US&lang=en&androidlanguage=en Zomato Security Team...
Zomato: [www.zomato.com] Abusing LocalParams (city) to Inject SOLR query
Hi Team! I found a limited SOLR injection by abusing LocalParams city in /webapi/searchapi.php. Therefore, please respect my decision to mark this report as Medium instead of High, based on the fact that the code is vulnerable even if it's hard to exploit. - Request adding single backslash: http GET...
Zomato: [www.zomato.com] Abusing LocalParams to Inject Code through ███████ query
@bigshaq found an endpoint which was throwing 500 Internal Server Error after adding a double quote, while he thought that this behaviour might well be a SQLi, and after a bit of fuzzing @bigshaq demonstrated why he believed it to be a SQLi - 500 ISE domain.com?type=redacted&id=1" - 200...