Skip to content
Need Help
Screwfix Logo
Activating the button will move focus to the expanded search input field
StoresSelect a store
No items in basketCheckout
CHRISTMAS OPENING HOURS & delivery info
CHRISTMAS OPENING HOURS & delivery info43 STORES NATIONWIDE find your local storeCLICK & COLLECT in as little as 1 minuteDELIVERY IN 60 MINUTES OR LESS with Sprint
AN EXTRA 10% OFF SWIRL! USE CODE: SWIRL10 - SHOP NOW

{keyword} And 5241=cast((chr(113)||chr(112)||chr(120)||chr(98)||chr(113))||(select (case When (5241=5241) Then 1 Else 0 End))::text||(chr(113)||chr(118)||chr(112)||chr(106)||chr(113)) As Numeric) May 2026

The CHR() functions translate character codes into letters to bypass simple security filters. In this case, they spell out "qpxbq" and "qvpjq".

If a database is vulnerable, it will try to process this calculation. Because the resulting string (a mix of letters and the number 1) cannot be converted to a NUMERIC type, the database will throw an error message . An attacker looks for that specific error to confirm the database is open to manipulation. The CHR() functions translate character codes into letters

If you are seeing this in your website logs or a search bar, it’s likely an automated bot scanning for security holes. Because the resulting string (a mix of letters

The SELECT (CASE WHEN (5241=5241) THEN 1 ELSE 0 END) is a "true or false" test. Since 5241 always equals 5241, it returns 1 . The SELECT (CASE WHEN (5241=5241) THEN 1 ELSE

The CAST(... AS NUMERIC) part attempts to force the database to convert a string into a number.

It looks like you've shared a snippet of rather than a typical search topic. Specifically, this string is designed to test for vulnerabilities in a database by using PostgreSQL-specific syntax ( ::text and CHR functions).