This exploit demonstrates a SQL injection vulnerability in SwissmangoCMS, allowing an attacker to extract user credentials via a crafted UNION-based SQL query. The PoC targets the 'main' parameter in the index.php file.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:SwissmangoCMS (version unspecified)
No auth needed
Prerequisites:Access to the vulnerable SwissmangoCMS instance