Jay didn't have malicious intent — he was ethical. He manually changed the id=245 to id=245 OR 1=1 . The page loaded all products. Then he tried id=245 UNION SELECT username, password FROM users . The database helpfully returned admin credentials in plaintext.
…Google usually won’t accept random words like upd after an operator without a space or quotes — but if you put "upd" it would search pages containing that string. inurl indexphpid upd
If you meant something like:
commonly used to identify websites that use a PHP-based URL structure for database queries Jay didn't have malicious intent — he was ethical