This is a working proof-of-concept for SQL injection vulnerabilities in eNdonesia Portal 8.7. The exploit demonstrates multiple SQLi vectors via the 'artid', 'cid', 'did', and 'contid' parameters, extracting database information such as user, database name, and version.
Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:eNdonesia Portal 8.7
No auth needed
Prerequisites:Access to the target web application