From a1f250a73f12f2ac73e6fe5f2b0f3550754dee94 Mon Sep 17 00:00:00 2001
From: Rick Lawson
Date: Sat, 8 Oct 2022 20:06:19 -0400
Subject: [PATCH] Fixes Security hole in blacklist for MySQL #490 Blacklist on insert keyword only instead of insert into since into is optional in at least MySQL and MS SQL
---
 explorer/app_settings.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/explorer/app_settings.py b/explorer/app_settings.py
index 013d3754..169d0754 100644
--- a/explorer/app_settings.py
+++ b/explorer/app_settings.py
@@ -22,7 +22,7 @@
 'RENAME ',
 'DROP',
 'TRUNCATE',
- 'INSERT INTO',
+ 'INSERT',
 'UPDATE',
 'REPLACE',
 'DELETE',
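Review bot: The `'INSERT'` entry closes the optional-`INTO` gap, but the list is still a keyword denylist, and nothing in this hunk documents that it is not the control that keeps queries read-only. How the entries are matched is not visible here; if it is a plain substring test, the bare `'INSERT'` will also reject read-only queries that touch identifiers such as `inserted_at`, so it is worth confirming that the code consuming this list matches on word boundaries. I would add a comment above the list, `# Best-effort guard only: the connection used for queries must be a read-only database role.`, and a regression test asserting that an `INSERT` statement written without `INTO` is rejected. The list starts and ends outside the hunk, so entries other than the seven shown were not reviewed.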