Inurl Pk Id 1 -

$query = "SELECT * FROM users WHERE id = " . $_GET['id'];

The attacker tries to break the query by typing in the browser: https://www.example-shop.com/view.php?pk=1'&id=1 inurl pk id 1

An attacker goes to Google and types inurl:pk id 1 . Google returns 1,200 results. Among them is: https://www.example-shop.com/view.php?pk=1&id=1 $query = "SELECT * FROM users WHERE id = "

inurl:pk id 1 is effectively searching for URLs that contain the parameters pk AND id AND also contain the numeric value 1 . password FROM admin_users&id=1

The attacker uses a tool like sqlmap or manually crafts a payload to extract data: ?pk=1 UNION SELECT username, password FROM admin_users&id=1