From cb5080803d9271ccd618067ac596f6944b4c4d35 Mon Sep 17 00:00:00 2001 From: Peter Fisher-Duke <848928+zepterfd@users.noreply.github.com> Date: Thu, 2 Mar 2023 11:46:12 -0500 Subject: [PATCH] Fixed image paths Fixed all embedded markdown images to point to the resources directory --- docs/solution/a1-injection.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/solution/a1-injection.md b/docs/solution/a1-injection.md index eddded5f..1277e09f 100644 --- a/docs/solution/a1-injection.md +++ b/docs/solution/a1-injection.md @@ -7,10 +7,10 @@ There is a SQL Injection in `User Search` feature at the following URL http://127.0.0.1:9090/app/usersearch By injecting a single quote `'`, we see an error has occurred. -![sqli1](/resources/sqli1.png "SQLi Trigger") +![sqli1](../resources/sqli1.png "SQLi Trigger") An attacker can exploit this further and obtain potentially sensitive information from the database by supplying the input `' UNION SELECT password,1 from Users where login='user' -- //` -![sqli2](/resources/sqli2.png "Exploiting SQLi") +![sqli2](../resources/sqli2.png "Exploiting SQLi") **Vulnerable Code snippet** @@ -58,7 +58,7 @@ http://127.0.0.1:9090/app/ping By injecting `x ; id`, we are able to see that the `id` command has been executed. -![ci1](/resources/ci1.png "Command injection") +![ci1](../resources/ci1.png "Command injection") **Vulnerable Code snippet** @@ -104,4 +104,4 @@ The fix has been implemented in this [commit](https://github.com/appsecco/dvna/c - - -- \ No newline at end of file +-
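Review bot: In the first hunk (the two `sqli1.png` / `sqli2.png` image lines), the switch from the root-absolute `/resources/...` to `../resources/...` is correct for a file living in `docs/solution/`, since the relative path resolves to `docs/resources/` from the file's own directory regardless of how the markdown is served; the root-absolute form only worked when the docs were rendered from a web root that happened to contain `resources/`. Worth confirming that `docs/resources/sqli1.png` and `sqli2.png` actually exist at that path in the tree, since the diff itself cannot show that.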
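Review bot: For the second hunk (the `ci1.png` line), the same relative-path fix applies and looks right, but the commit message says "Fixed all embedded markdown images" while the diffstat shows `1 file changed`; please confirm that no other documents under `docs/solution/` still use root-absolute `/resources/` image paths, or narrow the commit message to this file.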
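Review bot: The third hunk (`@@ -104,4 +104,4 @@`) changes nothing but the missing newline at end of file, which is unrelated to the image-path fix and is not mentioned in the commit message; either note it there ("also adds the trailing newline") or drop it so the diff contains only the path change.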