string query = "SELECT * FROM Student where LastName = '" + lastName + "'";
Try this when lastName =
Jones';DELETE FROM STUDENT;--
Even if your tables are read-only, an attacker can find out a lot of information.
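The statement above next to its parameterized form, as an added example that is not part of the original page. It assumes C# with the Microsoft.Data.Sqlite package and an in-memory Student table holding constructed rows; the helper names (Query, FindConcatenated, FindParameterized, RowsLeft, NewDb) are hypothetical.

```csharp
// Added example. Assumes the Microsoft.Data.Sqlite NuGet package (the page
// names no database driver). The Student rows are constructed sample data.
using System;
using Microsoft.Data.Sqlite;

const string input = "Jones';DELETE FROM STUDENT;--";   // the value from the page

using (var db = NewDb())
    Console.WriteLine($"concatenated:  matched {FindConcatenated(db, input)}, rows left {RowsLeft(db)}");
using (var db = NewDb())
    Console.WriteLine($"parameterized: matched {FindParameterized(db, input)}, rows left {RowsLeft(db)}");

// The page's pattern: the input becomes part of the SQL text, so a quote in
// lastName ends the string literal and whatever follows is parsed as SQL.
static int FindConcatenated(SqliteConnection db, string lastName) =>
    Query(db, "SELECT * FROM Student where LastName = '" + lastName + "'");

// Hardened form: the SQL text is a constant and lastName is sent as a bound
// value, so quotes and semicolons in it are data, never syntax.
static int FindParameterized(SqliteConnection db, string lastName) =>
    Query(db, "SELECT * FROM Student WHERE LastName = @lastName", lastName);

static int RowsLeft(SqliteConnection db) => Query(db, "SELECT * FROM Student");

// Runs every statement in the command text and returns the number of rows read.
static int Query(SqliteConnection db, string sql, string? lastName = null)
{
    using var cmd = db.CreateCommand();
    cmd.CommandText = sql;
    if (lastName != null) cmd.Parameters.AddWithValue("@lastName", lastName);
    int rows = 0;
    using var reader = cmd.ExecuteReader();
    do { while (reader.Read()) rows++; } while (reader.NextResult());
    return rows;
}

// Fresh in-memory database for each run so the two cases do not interfere.
static SqliteConnection NewDb()
{
    var db = new SqliteConnection("Data Source=:memory:");
    db.Open();
    Query(db, "CREATE TABLE Student (Id INTEGER PRIMARY KEY, LastName TEXT);" +
              "INSERT INTO Student (LastName) VALUES ('Jones'), ('Smith'), ('O''Brien');");
    return db;
}
```

With the concatenated query the input closes the string literal and the DELETE runs as a second statement in the batch; with the bound parameter the whole value is compared against LastName as text and the table is left untouched.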
© 2024 Digcode.com