The exploit demonstrates blind SQL injection and XSS vulnerabilities in Clansphere. The SQLi is executed via the 'id' and 'year' parameters, while the XSS is triggered through a malformed URL path.
Classification
Working Poc 90%
Attack Type
Sqli | Xss
Complexity
Trivial
Reliability
Reliable
Target:Clansphere (all versions)
No auth needed
Prerequisites:Access to the target web application