This exploit demonstrates a SQL injection vulnerability in PHP Coupon Script 6.0 via the 'cid' parameter. The PoC includes a crafted payload using MySQL functions like 'extractvalue' to exfiltrate database version information.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:PHP Coupon Script 6.0
No auth needed
Prerequisites:Access to the vulnerable web application