Skip to main content

An official website of the United States government

Here’s how you know

-9108 Union All Select 34,34# Access

This code snippet, -9108 UNION ALL SELECT 34,34# , is a classic example of syntax used for testing vulnerabilities in a database.

Here are three post drafts tailored for different audiences. Option 1: Educational (Cybersecurity 101)

Don't let your data be the next leak. Use parameterized queries! 🛡️ #TechNews #Programming #SQLi #WebSecurity -9108 UNION ALL SELECT 34,34#

Stop concatenating strings and start using Prepared Statements . #CyberSecurity #WebDev #InfoSec #SQLInjection Option 2: The "Dev-to-Dev" Quick Tip Stop trusting user input! 🛡️

This is a textbook SQL Injection test. The attacker is trying to see if they can manipulate your database output. If you see "34" pop up where a username or product should be, you’ve got a vulnerability. This code snippet, -9108 UNION ALL SELECT 34,34#

I can refine the technical details or add more platform-specific hashtags if you'd like! UNION ALL - IBM

Attackers use the operator to append their own data to your query results. By using a non-existent ID like -9108 , they ensure the original data is hidden, leaving only their injected values (the 34,34 ) visible. The # at the end simply comments out the rest of your original code to prevent syntax errors. Use parameterized queries

🚩 Seeing -9108 UNION ALL SELECT 34,34# in your input fields.

GSA.gov

An official website of the U.S. General Services Administration

Looking for U.S. government information and services?
Visit USA.gov