This exploit demonstrates a time-based blind SQL injection vulnerability in OpenCimetiere v3.0.0-a5. The attack targets the login parameter in a POST request to '/opencimetiere/scr/login.php', allowing unauthorized database access.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:OpenCimetiere v3.0.0-a5
No auth needed
Prerequisites:Access to the login page · PostgreSQL database backend