EIP-2026-105635

This exploit targets a SQL injection vulnerability in BtiTracker versions 1.3.X to 1.4.X. It crafts a malicious SQL query to extract user credentials (username, password, email) from the database via a union-based SQLi attack.