SQL Injection by Untrusted Data parsing |
What is untrusted data?
SQL Injection by Untrusted Data Parsing:
SELECT * FROM users WHERE username=’+USERNAME+’ AND
password=’+PASSWORD+’
SELECT * FROM users WHERE username=’user123′ or ‘1’=’1′ AND password=’PASSWORD’
SELECT * FROM users WHERE username=” AND password=” OR ‘1’=’1′