G
g--g
Can anyone supply me with ONE SINGLE example of how anyone could use
SQL injection in a dynamic SQL statement when the system is programmed
to remove : "single quotes", "semi-colon", and "double dashes" in all
input parameters passed to the SQL syntax?
I can't seem to find one example of SQL injection that does not
require the use of these SQL delimiters...
Thanks for any response.
SQL injection in a dynamic SQL statement when the system is programmed
to remove : "single quotes", "semi-colon", and "double dashes" in all
input parameters passed to the SQL syntax?
I can't seem to find one example of SQL injection that does not
require the use of these SQL delimiters...
Thanks for any response.