This exploit demonstrates a time-based blind SQL injection vulnerability in the 'godontologico v5' software. The vulnerable parameter is 'usuario' in a POST request to '/gco/wallpapers/index_ajax.php', allowing unauthorized access to the 'funcionarios' table.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:godontologico v5
No auth needed
Prerequisites:Access to the target application · Network connectivity to the target