The exploit demonstrates a SQL injection vulnerability in Online Print Business Software 1.0 via the 'cat_id' parameter in 'product-decs.php' and the 'page' parameter in 'info.php'. The PoC includes a crafted SQL payload that extracts table and column names from the database.
Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:Online Print Business Software 1.0
No auth needed
Prerequisites:Access to the vulnerable web application