The exploit demonstrates a SQL injection vulnerability in SG ERP 1.0 via the 'info' parameter in index.php. It includes a crafted HTTP request that extracts database schema information using a UNION-based SQLi technique.
Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Moderate
Reliability
Reliable
Target:SG ERP 1.0
No auth needed
Prerequisites:Access to the target web application