Track Journal Evaluation Progress
Zauq-e-Tahqeeq
ISSN: 2789-8784 | E-ISSN: 2789-8776
Submission Received: 10 November 2021
Inprocess Verified Un-verified
Current Status: Title is Under Review
The provided input is a UNION-based SQL injection payload designed to determine the number of columns in a database query by matching column counts with NULL values. This reconnaissance technique often uses comment indicators ( -- ) to bypass original query constraints, aiming to eventually exfiltrate data from the backend database. For a detailed explanation, read the full article at PortSwigger . SQL injection UNION attacks | Web Security Academy