This is a writeup describing an SQL injection vulnerability in Law Firm Website Script 1.0. It provides a proof-of-concept URL demonstrating how SQL commands can be injected via the 'country', 'state', 'city', and 'farm_cat' parameters.
Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:Law Firm Website Script 1.0
No auth needed
Prerequisites:Access to the vulnerable web application