This exploit demonstrates a SQL injection vulnerability in sNews via the 'id' parameter in index.php. It uses a UNION-based attack to extract data from the 'categories' table, specifically concatenating the 'published' and 'name' fields.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:sNews (version not specified)
No auth needed
Prerequisites:Target running sNews with vulnerable index.php · SQL injection vulnerability in the 'id' parameter