This exploit demonstrates a time-based blind SQL injection vulnerability in Rix4Web Portal. The vulnerability is triggered via the 'dir_link' parameter in a POST request to 'add-site.php', allowing an attacker to inject malicious SQL queries.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:Rix4Web Portal
No auth needed
Prerequisites:Access to the target application's 'add-site.php' endpoint