Slight offtopic - manipulating db when multiple statments per execution not supported

[konrads.smelkovs at gmail.com (Konrads Smelkovs)]

Hi,

Sorry for offtopic, but perhaps folks here would know.
I am pentesting an application which is vulnerable to SQL Injection attacks.
However, the DB driver which the application uses apparently does not
support multiple statements per execution: I can't do select * from bar
where baz='XXX'; update .... --
What tricks are there to overcome this? UNION is one, but it only works for
SELECT statements and I can't execute insert, update, delete statements.
The DB is Informix 7
-- 
Konrads Smelkovs
Applied IT sorcery.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20071207/1d3bb98c/attachment.htm>