The exploit demonstrates a SQL injection vulnerability in Penny Auction version 5 via the 'show' and 'id' parameters in index.php. The provided URL example shows a crafted input that can be used to exploit the vulnerability.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:Penny Auction version 5
No auth needed
Prerequisites:Access to the target web application