Category Archives: SQL

Exploit – mysql_real_escape_string

Proof of Concept – mysql_real_escape_string SQL Injection Exploit
Result – Returns ALL Db records due to missing quotes around variable in query

Mysql UUID Binary(16)

Mysql Wrong Date Format, Wrong Column Type

To fix a situation where you have a date formatted as 12/25/2015 in a varchar column type and want to store the correct date format in a date column, run the following query and then you can change the column type.