This exploit demonstrates a SQL injection vulnerability in the PizzaInn_Project's reserve-exec.php file. The vulnerable code directly inserts user-controlled input from the 'id' parameter into a SQL query without sanitization, allowing for time-based blind SQL injection.
Classification
Working Poc 90%
Target:
PizzaInn_Project (Restaurant Management Information System)
No auth needed
Prerequisites:
Access to the vulnerable endpoint (reserve-exec.php)