This is a proof-of-concept for an SQL injection vulnerability in Microweber v0.905. The exploit demonstrates how an attacker can inject malicious SQL queries via the 'for_id' parameter in a POST request to extract sensitive database information.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:Microweber v0.905
No auth needed
Prerequisites:Access to the target application's checkout API endpoint