Some applications that accept parameters in the URL may allow if the parameter specifies a file path rather than a database ID. For example, index.php?page=about.php might be vulnerable. An attacker could modify this to index.php?page=../../../../etc/passwd and retrieve system files.
is a Python-based tool specifically designed for scanning SQL injection vulnerabilities. It can accept a dork like inurl:index.php?id=1 as input and then query Google, Bing, or Yahoo for matching results. The tool then performs automated injection tests on the discovered URLs to identify actual vulnerabilities. inurl index php id 1 shop free
Once you fix the vulnerability, you need to clean Google's cache. Some applications that accept parameters in the URL