SQL injections (SQLi) are among the most popular vulnerabilities in the pentesting community. Too bad, such attacks are increasingly rare nowadays since modern security tools easily detect them. By contrast, an injection triggered when data transfer occurs between services is much more difficult to detect. This article discusses SQLi that are triggered not immediately, but somewhere in the middle of business logic.