The provided text describes a SQL injection vulnerability in Bs Auction Script, specifically in the 'confirm.php' file with the 'id' parameter. It includes details about the vulnerability, affected software, and a demo URL but lacks functional exploit code.
Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target:Bs Auction Script
No auth needed
Prerequisites:Access to the vulnerable 'confirm.php' endpoint