EIP-2026-106397

This exploit demonstrates a SQL injection vulnerability in De-Tutor 1.0, where the 'id' parameter in 'blog-details.php' is directly interpolated into a SQL query without sanitization. The PoC includes a crafted payload that extracts database schema information via error-based SQLi techniques.