I am testing an internal application and come across a page where if I am able to make the application display a SQL error because it does not recognize the payload for ORDER BY sort direction. The query is:
select xxx from something where xxx xxx xxx ORDER BY something ASC LIMIT.....
I am able to control the ASC part and the application throws out SQL error and display the Select query that gets broken whenever I send anything other than ASC or DESC. The column name used with ORDER BY is not injectable. Is this injection exploitable in this case? I read from couple of places that if we can control the column used by ORDER BY, then it is exploitable, but if we can control only the sort direction parameter, it is not an exploitable injection.
There are related questions here and here, but they don’t directly say whether the sort direction parameters are exploitable if user can control it.
The database is MySQL.