There is a nice SQL Injection Pocket Reference up on Google Docs

Here is what is covered

MySQL
Default Databases
Comment Out Query
Testing Injection
Strings
Numeric
In a login
Testing Version
MySQL-specific code
Database Credentials
Database Names
Tables & Columns
Finding out number of columns
Retrieving Tables
Retrieving Columns
PROCEDURE ANALYSE()
Retrieving Multiple Tables/Columns at once
Find Tables from Column Name
Find Column From Table Name
Avoiding the use of single/double quotations
String concatenation
Privileges
FILE privilege
MySQL 4/5
MySQL 5
Out Of Band Channeling
Timing
DNS (requires FILE privilege)
SMB (requires FILE privilege)
Reading Files (requires FILE privilege)
Writing Files (requires FILE privilege)
Stacked Queries with PDO
User Defined Functions
Fuzzing and Obfuscation
Allowed Intermediary Characters
Allowed Intermediary Characters after AND/OR
Operators
Constants
MySQL Functions()
MySQL Password Hashing
MySQL Password() Cracker

MSSQL
Default Databases
Comment Out Query
Testing Version
Database Credentials
Database Server Hostname
Database Names
Tables & Columns
Retrieving Tables
Retrieving Columns
Retrieving Multiple Tables/Columns at once
OPENROWSET Attacks
System Command Execution
SP_PASSWORD (Hiding Query)
Stacked Queries
Fuzzing and Obfuscation
Encodings
Allowed Intermediary Characters
Allowed Intermediary Characters after AND/OR
MSSQL Password Hashing
MSSQL Password Cracker

ORACLE
Default Databases
Comment Out Query
Testing Version
Database Credentials
Database Names
Current Database
User Databases
Tables & Columns
Retrieving Tables
Retrieving Columns
Finding Tables from Column Name
Finding Column From Table Name
Fuzzing and Obfuscation
Avoiding the use of single/double quotations
Out Of Band Channeling
Time Delay
Heavy Query Time delays

You can find it here: SQL Injection Pocket Reference