This exploit demonstrates a SQL injection vulnerability in IssueTrak <= 7.0, affecting multiple parameters in the IssueSearch_Process.asp endpoint. The provided HTTP request and SQLMap command can be used to exploit the vulnerability, potentially allowing unauthorized database access.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:IssueTrak <= 7.0
No auth needed
Prerequisites:Access to the IssueSearch_Process.asp endpoint