3253
Comments (207)
sorted by:
You're viewing a single comment thread. View all comments, or full comment thread.
2
Berglewits 2 points ago +2 / -0

I think i was conflating SQL injection with a different SQL vulnerability that used to exist but was removed in more modern versions some time ago.

1
Amaroq64 1 point ago +1 / -0

I seem to remember there was a way to literally inject SQL itself. It involved putting an SLQ comment (--) and then a malicious query, and then SQL itself would execute the comment, commenting out the developer's query and executing yours.