Hi,
I'm currently testing Vulnerabiltys to SQL Injections for my companys application as an it-trainee.
So I found, that the application is indeed vulnerable to injections because I can alter some of the insert statements.
So I altered the insert Statement to this:
INSERT INTO tablename( column, column1, column2, column3, column4,column5, column6, column7, column8 )
VALUES ( 10965972, 185796154, 25, 23,2023, '', CURRENT_DATE, 'v0201100',
18);
DELETE *
FROM tablename;-- , 2023,'a', CURRENT_DATE, 'v0201100', 18 )
I thought this should be a correct statement, but the MySQL Server returned this Error:
MySQL Error: 1064 (You have an error in your SQL syntax;[...]
Would be nice if somebody could help and tell my why the syntax is wrong...
Thanks for your help :-)