This exploit demonstrates an unauthenticated SQL injection vulnerability in OS Property 2.8.0 via the 'country_id' parameter. The payload uses a UNION-based query to extract data from the database.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:OS Property 2.8.0
No auth needed
Prerequisites:Access to the target URL · MySQL database backend