select cast (2000 as type of quint) from rdb$database select cast (2000 as int) from rdb$database. If TYPE OF is used with a (VAR)CHAR type, its character.
Best Result For : 999999.9 uNiOn aLl sElEcT cAsT 0x393133353134353632312e39 as char
SELECT DISTINCT CAST(EnglishProductName AS char(10)) AS Name, ListPrice FROM dbo.
Free Online Games on Fukgames.com Play Free Games,Free online games, Free Games, Play Free Online Games at FukGames.com For Free, Addicting Free Games.
0x393 עופר וינטר נפתלי בנט יש עתיד זהבה גלאון עמיר פרץ בחירות 2015.
Pi Music Player -- MP3 Player, YouTube Music Videos. 3.0.0c com.Project100Pi.themusicplayer. 67305. Fruit Select.
'999999.9' /**/uNiOn/**/aLl /**/sElEcT 0x393133353134353632312e39,0x393133353134353632322e39,0x393133353134353632332e39 and '0'='' için Arama Sonuçları.
UNION ALL пример: SELECT 'foo' AS bar UNION ALL SELECT 'foo' AS bar ...
They are combining 126, 39, database name as hex value, 39, and 126. -- is a mysql comment - it ignores the rest of your query after.
but they are not recognized as attacks by glastopf. It should be useful, I think, to parse 'UNION ALL' string as SQL injection. I'm currently very busy and I don't have the time to study and modify the code, so don't blame me if I only notify here about the issue without contribute