Submit #154623: Online Exam System v1.0 /CEE/adminpanel/admin/facebox_modal/updateCourse.php GET parameter id exists SQL injection vulnerabilityinfo

TitleOnline Exam System v1.0 /CEE/adminpanel/admin/facebox_modal/updateCourse.php GET parameter id exists SQL injection vulnerability
DescriptionAn issue was discovered in Online Exam System v1.0. There is a SQL injection that can directly issue instructions to the background database system via /CEE/adminpanel/admin/facebox_modal/updateCourse.php?id. Vulnerability File: /CEE/adminpanel/admin/facebox_modal/updateCourse.php GET parameter 'id' exists SQL injection vulnerability Payload1:id=-2' union all select null,concat(0x76777879,0x52535556),null-- -
Source⚠️ https://github.com/sushanburanxisha/cve/blob/main/SQLi-1.md
User
 hukai (UID 46473)
Submission05/10/2023 12:12 (3 years ago)
Moderation05/11/2023 07:17 (19 hours later)
StatusAccepted
VulDB entry228771 [SourceCodester Online Exam System 1.0 GET Parameter updateCourse.php ID sql injection]
Points20

PreviousOverviewNext

Do you need the next level of professionalism?

Upgrade your account now!