This exploit demonstrates SQL injection vulnerabilities in GIF Collection 2.0, allowing an attacker to inject SQL commands via the 'id' parameter in multiple endpoints. The PoC includes specific payloads for extracting user credentials.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:GIF Collection 2.0
No auth needed
Prerequisites:Access to the vulnerable web application