This exploit demonstrates SQL injection vulnerabilities in FTP Made Easy PRO 1.2 via the 'id' parameter in admin-ftp-del.php and admin-ftp-change.php. The PoC includes a crafted SQL payload to extract database information.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:FTP Made Easy PRO 1.2
Auth required
Prerequisites:Access to the vulnerable admin endpoints · Valid authentication credentials