SELECT * FROM users WHERE username = '$searchTerm' AND password = '$password';
Here’s a text explaining from the OWASP Security Shepherd project, including the goal, the vulnerability, and how to solve it.
But = is fine. However, '1'='1' still contains no filtered word.
SELECT * FROM users WHERE username = '$searchTerm' AND password = '$password';
Here’s a text explaining from the OWASP Security Shepherd project, including the goal, the vulnerability, and how to solve it. Sql Injection Challenge 5 Security Shepherd
But = is fine. However, '1'='1' still contains no filtered word. SELECT * FROM users WHERE username = '$searchTerm'