This is a writeup detailing a SQL injection vulnerability in Webiz software, specifically in the `index.php` file with parameters `prID` and `apprec`. It provides exploitation steps and SQL queries to extract user credentials.
Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:Webiz (version not specified)
No auth needed
Prerequisites:Access to the vulnerable Webiz application · Knowledge of the database name