Sql注入 "select * from T_User where UserName=‘" + txtUserName.Text+"‘" 注入:select * from T_User where UserName=‘‘or 1=1 --‘ and Password=‘1‘后面的被注释了 更改: select * from T_User where UserName=‘‘or 1=1 update T_User set Password=‘123‘ where UserName=‘admin‘ --
时间: 2024-07-30 05:47:52