{
  "entrypoint_kind": "api_remote",
  "entrypoint_detail": "POST /wp-admin/admin-ajax.php action=salesmanago_export_count_contacts data=<base64 json with injected dateFrom>",
  "service_started": true,
  "healthcheck_passed": true,
  "target_path_reached": true,
  "runtime_stack": [
    "docker wordpress:6.7-php8.2-apache",
    "mysql:8.0",
    "SALESmanago plugin 3.11.2"
  ],
  "timing_seconds": {
    "sleep0": "0.079426",
    "sleep1": "6.076630",
    "sleep2": "12.015201"
  },
  "data_extraction": {
    "union_usercount": "2",
    "groundtruth_usercount": "2"
  },
  "fixed_control": {
    "union_http_status": "403"
  },
  "proof_artifacts": [
    "logs/vulnerable/summary.csv",
    "logs/fixed/summary.csv",
    "logs/vulnerable/req_union_usercount.txt",
    "logs/vulnerable/req_sleep2.txt",
    "logs/fixed/req_union_usercount.txt",
    "logs/vulnerable/resp_union_usercount_raw.txt",
    "logs/vulnerable/groundtruth_usercount.txt"
  ],
  "notes": "Time-based blind SQLi + UNION data extraction confirmed on vulnerable 3.11.2; fixed 3.11.3 returns HTTP 403 for Subscriber. Manifest written by reproduction_steps.sh (content also tee'd into logs/run.log); values reflect the latest confirmation run."
}
