Home/ Questions/Q 5978559
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-22T21:32:00+00:00

I am visiting a site and I mistakenly entered a single quote while I

  • 0

I am visiting a site and I mistakenly entered a single quote while I was trying to hit the enter key.

The URL that got sent is: http://www.domain.tld/link.php?id=2603‘ (censored 🙂 )

Resulting in the following response from the site:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ”’ at line 1

I’ve tried to do: http://www.domain.tld/link.php?id=2603; SHOW TABLES; But that didn’t work 😛

So my question is: can this site vulnerable to sql injection?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Most likely yes. Without getting into the details of how to perform an actual injection attack, you could try something like:

    http://www.domain.tld/link.php?id=2603‘;malicious code

    Incidentally, I HIGHLY recommend that you not dink around with this too diligently. Accessing other computers in an unauthorized manner is against the law in the US and many other countries, and if you do something damaging, they can come after you. The best bet is to contact the site’s owner and let them know exactly what you’re seeing so that they can address the issue.

    • 0