All Select Null,null,null,null,null,null,null,null,null-- Vitq — {keyword}' Union

This SQL injection payload ( ' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- vITQ ) is a classic technique used in to determine the exact number of columns returned by a vulnerable web application's original database query. Payload Breakdown ' : Closes the original SQL statement's string parameter.

: Fills columns with NULL values to match the column count of the original query, which is required for UNION to work. The attacker keeps adding NULL s until the error disappears (often 500 internal server error) and a '200 OK' response is received. This SQL injection payload ( ' UNION ALL

(or sometimes -- ): A comment marker that hides the rest of the original SQL query, preventing syntax errors. preventing syntax errors.

Meet your Danish teachers

Learn languages online! Online courses in many languages

Testimonials - what do our clients say?

Studieskolen is Denmark's only Cambridge English Qualifications exam centre.

Become a language coach. Info in Danish.

All Select Null,null,null,null,null,null,null,null,null-- Vitq — {keyword}' Union