This exploit demonstrates SQL injection vulnerabilities in Easy Web Search 4.0 via the 'id' parameter in admin-delete.php and admin-spidermode.php. The PoC includes a crafted SQL payload to extract database information.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:Easy Web Search 4.0
No auth needed
Prerequisites:Access to the vulnerable admin endpoints