This exploit demonstrates a SQL injection vulnerability in the 'index2.php' file of the Simpelside CMS, allowing an attacker to extract user credentials from the database. The PoC includes a sample query to dump usernames and passwords from the 'web1_brugere' table.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:Simpelside CMS (version unspecified)
No auth needed
Prerequisites:Access to the vulnerable 'index2.php' endpoint