SQL Injection: Drop All Tables

The vast majority of web applications do not allow query stacking. With PHP/MySQL application can allow for query stacking if you use the mysqli::multi_query()or mysqli_multi_query() functions.

You can exploit these systems using sub-select, union-selects, blind sql injection, into outfile, or loadfile(). SQLMap and Havij are both tools that automate the exploitation of SQL Injection. SQLMap is a great tool with a wide range of features, and supports a wide verity of injections and DBMS'es.