This exploit demonstrates a SQL injection vulnerability in Point of Sales 1.0, allowing an attacker to extract database information via a crafted GET request. The PoC includes steps to identify the vulnerability and a malicious request to retrieve the database name.
Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:Point of Sales 1.0
No auth needed
Prerequisites:Access to the target application URL · Vulnerable version of Point of Sales installed