: This is a SQL comment, which tells the database to ignore the rest of the original, legitimate query that follows. The Goal of the Attack
If the column count is wrong (e.g., the original query has 7 or 9 columns), the database will return an error. : This is a SQL comment, which tells
The payload you provided, ' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- , is a common pattern used in to determine the number of columns returned by an original database query. What this Payload Does : This is a SQL comment
If the original query has 8 columns, the page will likely load normally or show an extra row of empty data. ' UNION ALL SELECT NULL
: Appends a new set of results to the original query's output.