Some common SQL injection examples include: Retrieving hidden data, where you can modify a SQL query to return additional results. Subverting application logic, where you can change a …

This SQL injection cheat sheet contains examples of useful syntax that you can use to perform a variety of tasks that often arise when performing SQL injection attacks.

When you perform a SQL injection UNION attack, there are two effective methods to determine how many columns are being returned from the original query. One method involves injecting …

Blind SQL injection occurs when an application is vulnerable to SQL injection, but its HTTP responses do not contain the results of the relevant SQL query or the details of any database …

In this example we will demonstrate a technique to bypass the authentication of a vulnerable login page using SQL injection. This tutorial uses an exercise from the "Mutillidae" training tool …

To exploit SQL injection vulnerabilities, it's often necessary to find information about the database. This includes: The type and version of the database ...

In this section, we'll show you how you can take advantage of the standard decoding performed by websites to evade input filters and inject harmful payloads for a variety of attacks, such as …

The methodology is similar to that used in SQL injection. However the nature of the attack varies significantly, as NoSQL databases use a range of query languages, types of query syntax, and …

Once you have detected a potential SQL vulnerability, one of the next steps is to identify the type of statement type you are dealing with. The example uses a version of "Mutillidae" taken from …

Dec 16, 2025 · SQL injection vulnerabilities occur when an attacker can interfere with the queries that an application makes to its database. You can use Burp to test for these vulnerabilities: