This is a functional SQL injection exploit targeting the 'Classifieds Script' via the 'type' parameter in 'showcategory.php'. The PoC extracts admin credentials by leveraging a UNION-based SQLi attack.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:Classifieds Script (version unspecified)
No auth needed
Prerequisites:Target must have 'showcategory.php' exposed · Target must be vulnerable to SQL injection