This exploit demonstrates a SQL injection vulnerability in LiveCRM 1.0, allowing attackers to extract database information via crafted SQL queries in the 'id' parameter of multiple endpoints.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Moderate
Reliability
Reliable
Target:LiveCRM 1.0
No auth needed
Prerequisites:Access to the vulnerable LiveCRM web application