Blind SQL injection attacks are a well know and recognized form of code injection attack, but there are many other forms, some not so well documented or understood.

SQL盲注攻击是一种为人熟知的代码注入攻击形式，但是也有很多其他形式，有些尚未得到很好的记载和了解。

youdao

This attack functions almost exactly like the blind SQL injection attack but, unlike SQL injection attacks, few people know about XPath injection attacks or take precautions against them.

这种攻击的运作跟SQL盲注攻击几乎完全相似，与SQL注入攻击不同的是，几乎没什么人了解XPath盲注攻击或对其进行预防。

youdao