The exploit demonstrates a SQL injection vulnerability in MySQL Blob Uploader v1.0, allowing an attacker to extract sensitive data (e.g., admin credentials) via crafted input in the 'id' parameter of download.php. The payload uses UNION-based injection with concat_ws to exfiltrate data from the 'admin' table.
Classification: Working PoC 95%
Attack Type: SQLi
Complexity: Trivial
Reliability: Reliable
Target: MySQL Blob Uploader v1.0
No auth needed
Prerequisites: Access to the vulnerable download.php endpoint