: Explain that if the id value is not properly sanitized, an attacker can append SQL commands to the URL. Example : Normal : index.php?id=1 Attack : index.php?id=1' OR 1=1--
One of the most iconic, persistent, and dangerous search strings in existence is this: inurl index.php%3Fid=