What does Vulnerable Column mean in UNION SELECT

Let’s say on your server-side code, you have this code:

So using this injection:

Would result in SQL statement as below:

If on the client-side (UI), “2” and “3” are displayed in the “title” and “description” fields, then we can say column 2 and column 3 of that table are vulnerable, which means if we put “version()” instead of 2 like below:

then on the “title” field, instead of “2” we will receive the version value.

So basically, vulnerable columns are those that we have exposure of them on the client-side (UI) and we can see the result of injected code, for example in the above code, the version.

Powered by themekiller.com anime4online.com animextoon.com