Unauthenticated SQL Injection in [Affected Component] Severity: Critical Vulnerability Type: SQL Injection (CWE-89)
Implement a strict allow-list for expected input formats.
The following payload was submitted to the endpoint: -3983 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,'qbqvq'||'lhsxrmQErH'||'qqbqq',NULL,NULL-- Impact: Unauthorized access to the entire database.
Potential exposure of user credentials, personal info, or proprietary data. Possible modification or deletion of database records.
: The attacker is matching the number of columns in the original database table. In this case, there are 9 columns.
It looks like your request contains a , specifically a UNION ALL SELECT statement commonly used by security researchers or automated tools to test for vulnerabilities in databases.