Help me about SQL INJECTION ?!
I scanned my website with this scanner never used before and this is below it gives me the result:
<< Blind SQL injection was found at: "localhost/index.aspx", using HTTP method POST. The sent post-data was: "...ddOptionspassword=1 or pgsleep(5)...". This vulnerability was found in the request with id 245. >>
While observing the above results provided by the scanner "w3af," I wonder how translated or convert this result into a link that I can try and use my browser just to find the error ???
Should I: localhost/index.aspx/pgsleep (5) or localhost/index.aspx/...ddOptionspassword=1 ???
Give me an idea to find the correct ideal link that will allow me to find the SQL error in my web browser by following course the above result provided by the scanner "w3af" ???