The exploit demonstrates a SQL injection vulnerability in Zigaform PHP Form Builder v2.9.1 via the 'form' parameter in the frontend/viewform/ endpoint. The PoC provides a direct URL-based injection vector without requiring authentication.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:Zigaform - PHP Form Builder - Contact & Survey v2.9.1