The provided text describes an SQL injection vulnerability in SmartBox, where user-supplied input is not properly sanitized. It includes a sample exploit URL demonstrating the vulnerability but lacks executable code.
Classification
Writeup 80%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target:SmartBox (version unspecified)
No auth needed
Prerequisites:Access to the vulnerable web application