The exploit demonstrates a SQL injection vulnerability in the Justdial Clone Script, specifically targeting the 'fid' parameter in 'restaurants-details.php'. The provided payload extracts database information using MySQL-specific syntax and concatenation techniques.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Moderate
Reliability
Reliable
Target:Justdial Clone Script (version not specified)
No auth needed
Prerequisites:Access to the vulnerable endpoint · MySQL database backend