Finding and exploiting SQL Injections with SQLMap