Submit #154623: Online Exam System v1.0 /CEE/adminpanel/admin/facebox_modal/updateCourse.php GET parameter id exists SQL injection vulnerabilityinfo

TitelOnline Exam System v1.0 /CEE/adminpanel/admin/facebox_modal/updateCourse.php GET parameter id exists SQL injection vulnerability
BeschreibungAn issue was discovered in Online Exam System v1.0. There is a SQL injection that can directly issue instructions to the background database system via /CEE/adminpanel/admin/facebox_modal/updateCourse.php?id. Vulnerability File: /CEE/adminpanel/admin/facebox_modal/updateCourse.php GET parameter 'id' exists SQL injection vulnerability Payload1:id=-2' union all select null,concat(0x76777879,0x52535556),null-- -
Quelle⚠️ https://github.com/sushanburanxisha/cve/blob/main/SQLi-1.md
Benutzer
 hukai (UID 46473)
Einreichung10.05.2023 12:12 (vor 3 Jahren)
Moderieren11.05.2023 07:17 (19 hours later)
StatusAkzeptiert
VulDB Eintrag228771 [SourceCodester Online Exam System 1.0 GET Parameter updateCourse.php ID SQL Injection]
Punkte20

ZurückÜbersichtWeiter

Do you want to use VulDB in your project?

Use the official API to access entries easily!