BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.com//bsidesluxembourg-2026//talk//LHVQCJ
BEGIN:VTIMEZONE
TZID:CET
BEGIN:STANDARD
DTSTART:20001029T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-bsidesluxembourg-2026-LHVQCJ@pretalx.com
DTSTART;TZID=CET:20260507T133000
DTEND;TZID=CET:20260507T141000
DESCRIPTION:SQL injection and broken authentication remain persistent threa
 ts in modern web applications\, yet many developers continue to assume tha
 t new technologies are immune to classic attacks. This presentation examin
 es a real-world penetration test where we discovered critical SQL injectio
 n and authentication bypass vulnerabilities in a production GraphQL API ba
 cked by PostgreSQL—proving that architectural shifts don't eliminate fun
 damental security flaws.
DTSTAMP:20260412T024934Z
LOCATION:Workshops and Stage - Gernsback (C1.05.02)
SUMMARY:What's Old is New: Exploiting Classic Vulnerabilities in GraphQL AP
 Is - Aleksa Zatezalo
URL:https://pretalx.com/bsidesluxembourg-2026/talk/LHVQCJ/
END:VEVENT
END:VCALENDAR