From 049957613213df68a45df99040d3cf6477bc50c1 Mon Sep 17 00:00:00 2001
From: Rick M <kingthorin@users.noreply.github.com>
Date: Tue, 6 Feb 2024 16:28:23 -0500
Subject: [PATCH] Tweak table to escape pipe content (#1125)

* Tweak table to escape pipe content
* Link fix
---
 .../05.7-Testing_for_ORM_Injection.md                         | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/document/4-Web_Application_Security_Testing/07-Input_Validation_Testing/05.7-Testing_for_ORM_Injection.md b/document/4-Web_Application_Security_Testing/07-Input_Validation_Testing/05.7-Testing_for_ORM_Injection.md
index 5eac6efd7d..16e76c06e9 100644
--- a/document/4-Web_Application_Security_Testing/07-Input_Validation_Testing/05.7-Testing_for_ORM_Injection.md
+++ b/document/4-Web_Application_Security_Testing/07-Input_Validation_Testing/05.7-Testing_for_ORM_Injection.md
@@ -45,7 +45,7 @@ Based on their [blog article](https://blog.ripstech.com/2020/exploiting-hibernat
 | DBMS       | SQL Injection                                                         |
 |------------|-----------------------------------------------------------------------|
 | MySQL      | `abc\' INTO OUTFILE --`                                               |
-| PostgreSQL | `$$='$$=chr(61)|| chr(0x27) and 1=pg_sleep(2)|| version()'`             |
+| PostgreSQL | `$$='$$=chr(61) \|\| chr(0x27) and 1=pg_sleep(2) \|\| version()'`     |
 | Oracle     | `NVL(TO_CHAR(DBMS_XMLGEN.getxml('select 1 where 1337>1')),'1')!='1'`  |
 | MS SQL     | `1<LEN(%C2%A0(select%C2%A0top%C2%A01%C2%A0name%C2%A0from%C2%A0users)` |
 
@@ -55,6 +55,6 @@ Another example would include the [Laravel Query-Builder](https://laravel.com/do
 
 - [Wikipedia - ORM](https://en.wikipedia.org/wiki/Object-relational_mapping)
 - [New Methods for Exploiting ORM Injections in Java Applications (HITB16)](https://insinuator.net/2016/06/new-methods-for-exploiting-orm-injections-in-java-applications-hitb16/)
-- [HITB2016 Slides - ORM Injections in Java Applications](https://conference.hitb.org/hitbsecconf2016ams/materials/D2T2%20-%20Mikhail%20Egorov%20and%20Sergey%20Soldatov%20-%20New%20Methods%20for%20Exploiting%20ORM%20Injections%20in%20Java%20Applications.pdf)]
+- [HITB2016 Slides - ORM Injections in Java Applications](https://archive.conference.hitb.org/hitbsecconf2016ams/sessions/new-methods-for-exploiting-orm-injections-in-java-applications/)
 - [Fixing SQL Injection: ORM is not enough](https://snyk.io/blog/sql-injection-orm-vulnerabilities/)
 - [PayloadsAllTheThings - HQL Injection](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/SQL%20Injection/HQL%20Injection.md)