This exploit demonstrates a SQL injection vulnerability in Simple Free PHP Forum Script version 1. The PoC uses a time-based blind SQL injection technique via the 'id' parameter in the 'show=cat' request to verify the vulnerability.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:Simple Free PHP Forum Script <= 1
No auth needed
Prerequisites:Target application must be running Simple Free PHP Forum Script version 1 or earlier · The 'id' parameter must be accessible via the 'show=cat' request