SQLi Cards — Union Injection into SQLite
Union-based SQL injection in a card lookup form to enumerate tables via sqlite_master and extract the flag.
Union-Injection
Segnalazione Cinghiali — Union-Based SQLi in Node/Express
Union-based SQL injection in the report ID parameter of a Node.js/TypeScript Express app to leak the flag from a hidden table.