This writeup describes SQL injection vulnerabilities in Public Media Manager, including login bypass and information disclosure via UNION-based SQLi. No executable exploit code is provided.
Classification
Writeup 90%
Attack Type
Sqli | Auth Bypass | Info Leak
Complexity
Trivial
Reliability
Reliable
Target:Public Media Manager (version unspecified)
No auth needed
Prerequisites:access to the login page or vulnerable GET parameters