chasehx - 8:28 pm on Apr 19, 2010 (gmt 0)
Adding a quick single or double quote to the end of a dynamic URL is the most basic way to test for SQL injection. A page like:
will throw an error if the url loaded is as follows(if there is not sufficient input validation):
They are scanning your site for weaknesses my friend. Keep a close eye on it would be my recommendation, and as always, fully sanitize user input.