The exploit demonstrates a SQL injection vulnerability in Vishesh Auto Index 3.1 via the 'fid' parameter in 'file.php' and 'download.php'. It uses UNION-based SQLi to extract database schema and column names.
Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Moderate
Reliability
Reliable
Target:Vishesh Auto Index 3.1
No auth needed
Prerequisites:Access to the vulnerable web application