This is a SQL injection (SQLi) proof-of-concept for frame-oshop, exploiting a vulnerable 'rid' parameter in the 'main.php' script. The PoC demonstrates information leakage by extracting the database version via a UNION-based SQLi attack.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:frame-oshop (version unknown)
No auth needed
Prerequisites:A vulnerable instance of frame-oshop with exposed 'main.php' script · A fresh session ID