Null,null,null,null,null,null,null From Msysaccessobjects-- Nedi | {keyword}' Union All Select

If successful, this allows someone to extract hidden information from a database, bypass logins, or see the internal structure of the site's data [1, 2]. If you see this in your website logs, it means a bot or a user is actively scanning your site for vulnerabilities.

: The attacker is trying to match the exact number of columns used in the original database query [1, 4]. If the number of NULLs matches the number of columns, the page will load without an error, telling the attacker how many columns are in that table [4]. If successful, this allows someone to extract hidden

: This is used to combine the results of the original intended query with data from a second query that the attacker controls [1]. If the number of NULLs matches the number

: This is a comment symbol used to "ignore" the rest of the original code, preventing syntax errors [1]. That string is a classic example of a attack payload [1]

That string is a classic example of a attack payload [1]. Specifically, it's designed to probe or exploit an Access database (indicated by MSysAccessObjects ) [2, 3].