For November 2025, the Prisma does not support the updating of multiple records with different values. Although the transactions are being considered as main workaround for such cases, the transaction ...

I am sending a json array with filter parameters from ExtJs in the sql function parameter. filters look like this: [{"field":"product_type_id","data":{"type":&...

I'm working on a .NET application that needs to execute SQL parameterized by database objects like tables or columns. The application supports both the Microsoft SQL Server and Oracle ADO.NET ...

I'm trying to create database users in my Postgres database from Golang, and I can't seem to get queries to run. I'm able to establish a connection, but I cannot run create user X with password Y and ...

I have an extension for Entity Framework Core query to support between and I see that the SQL being parsed includes literal values. Is it vulnerable for SQL injection attacks? This is the extension ...

Our company site is behind WAF based on NGINX ModSecurity. And permanently in WAF logs we see blocked requests from site forms. Example: SQL Injection Attack Detected via libinjection - Matched Data: ...

I am working on a project and want to delete the table by passing the table_name which is coming from an API request. I want to bypass SQL Injection warning for delete query. I am using Python, and ...

I'm developing a multi-tenant Python web application where users need to query different database tables based on their client context. The challenge is constructing secure SQL queries when table ...

I have a stored procedure that we are scanning using some AI tools to look for vulnerabilities. I am doing a dynamic SQL statement with an order by clause and that parameter for that order by I am ...

I was asked to make this code SQL Injection proof: <?php $connection = mysqli_connect("localhost", "root", "password", "users_db"); $query = "SELECT * ...

I'm developing a web application that interacts with Databricks using the Databricks SQL connector. The application allows users from different teams to add/rename/delete columns of existing tables. ...

I'm trying to use Psalm to detect SQL Injections. I have the following code : $pdo = new PDO("mysql:host=db;dbname=tp;port=3306", "user", "password");; // VULNERABLE ...

I'm working on a C# application using Npgsql to query a PostgreSQL database. I have the following method that constructs a query dynamically while using parameterized queries to prevent SQL injection: ...

I am working on a CTF. I need to do a SQL injection into a dummy website. In this website when signing up there is not input clean up of any sorts for the username field, and as a friend confirmed it ...

I'm using Dapper in my project and I want to pass table name as a dynamic parameter in the query. This is my code: var tableName = GetTableNameDynamically<TEntity>(); using (var builder = new ...