This exploit demonstrates a SQL injection vulnerability in FILE SHARE V 1.0 via the 'recordID' parameter. The provided payload extracts user credentials from the 'mombre' table using a UNION-based attack.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:FILE SHARE V 1.0
No auth needed
Prerequisites:Access to the vulnerable 'file.php' endpoint