This exploit demonstrates a SQL injection vulnerability in the 'File Share' script's download.php endpoint. It allows an attacker to extract admin credentials by manipulating the 'downID' parameter, which can then be used to upload a shell.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:File Share script (all versions)
No auth needed
Prerequisites:Access to the vulnerable download.php endpoint