Web Security Academy Walkthroughs Challenge Documentation XXE Exploting XXE via image file upload SQL Injection Exploting SQL injection via WHERE clause SQL injection vulnerability allowing login bypass Access Control Exploiting Exposed Admin Portal Example Findings Report Findings Report on XXE