The exploit demonstrates a SQL injection vulnerability in FS Expedia Clone via the 'hid' parameter in the 'hotel.php' file. It includes payloads for boolean-based blind, time-based blind, and UNION-based SQL injection attacks.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:FS Expedia Clone (version as of 23 October 2017)
No auth needed
Prerequisites:Access to the vulnerable 'hotel.php' endpoint