This code will print the columns number found by the injection.

In order to view the content of the fields, you must exchange the number with the field name, adding a FROM table_name at the end of the injection query.

This code will send to an arbitrary email address the password of a registered user.

In order to test the following bug, you must know the AES key (default: mykey) and a registered username. Please change the email account into the injection query to view the result.