Inurl -.com.my Index.php Id ((link))

If the input is not sanitized, an attacker can append malicious SQL commands to the URL.

If you find a site you own or have written permission to test: inurl -.com.my index.php id

Ensure the database user account used by your web application has only the permissions it absolutely needs. For example, it shouldn't have permission to drop tables if it only needs to read articles. 4. Use Web Application Firewalls (WAF) If the input is not sanitized, an attacker