This is a technical writeup detailing a SQL injection vulnerability in NetArt Media iBoutique v4.0, where the 'key' parameter in '/index.php' is not properly sanitized, allowing arbitrary SQL code injection. The document includes a proof-of-concept URL and technical details but does not contain functional exploit code.
Classification
Writeup 95%
Target:
NetArt Media iBoutique v4.0
No auth needed
Prerequisites:
Access to the target application's '/index.php' endpoint