This exploit demonstrates SQL injection vulnerabilities in Vlinks 2.0.3, allowing an attacker to extract user credentials (pseudo and passe) from the 'infos' table via UNION-based SQLi in the 'id' parameter.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:Vlinks 2.0.3 (and all versions)
No auth needed
Prerequisites:Access to the vulnerable web application