## https://sploitus.com/exploit?id=5F10688F-72B3-5E2B-83B6-82565652F686
The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. It is a collection of tools designed to demonstrate various types of code injection vulnerabilities, including SQL injection, XML/XPath/XSL injection, Cross-Site Scripting (XSS), and shell command injection. The framework is intended to be used for educational purposes, allowing users to experiment with and understand the different types of attacks.
The MCIR framework includes several tools, each designed to demonstrate a specific type of vulnerability:
1. SQLol: A configurable SQL injection testbed that allows users to exploit SQL injection flaws and manipulate the manifestation of the flaw.
2. XMLmao: A configurable XML/XPath/XSL injection testbed that allows users to exploit XML/XPath injection flaws and manipulate the manifestation of the flaws.
3. XSSmh: A configurable Cross-Site Scripting injection testbed that allows users to exploit Cross-Site Scripting flaws and manipulate the manifestation of the flaws.
4. ShellOL: A configurable shell command injection testbed that allows users to exploit shell command injection flaws and manipulate the manifestation of the flaws.
5. RFIdk: A configurable PHP file inclusion testbed that allows users to exploit PHP file inclusion flaws and manipulate the manifestation of the flaws.
6. PHPwn