This exploit demonstrates an SQL injection vulnerability in Nenriki CMS 0.5 by manipulating the ID cookie to extract user credentials via a UNION-based attack. The PoC uses JavaScript to set malicious cookies that exploit unsanitized input in SQL queries.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:Nenriki CMS 0.5
No auth needed
Prerequisites:Victim must visit a malicious link or have JavaScript execute in their browser context