School Management Script 3.0.4 – Authentication Bypass

Exploit Database
87 阅读

作者： Samiran Santra

日期： 2018-02-27
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/44191/

# Exploit Title: SQL Injection exists in PHP Scripts Mall School Management Script 3.0.4.
# Date: 26/02/2018
# Exploit Author: Samiran Santra
# Vendor Homepage: https://www.phpscriptsmall.com
# Software Link: https://www.phpscriptsmall.com/product/school-management-system
# Version: v3.0.4
#Tested on: Windows 
# Website: https://indiancybersecuritysolutions.com/
# CVE: CVE-2018-7477
# Category: webapps


Proof of Concept


1.First go to this link- http://localhost/PATH/parents/Parent_module/parent_login.php

2.In Username and Password filed just type sql-injection cheat-code (x'or'x'='x)

3.Now you can successfully login as a admin user

last Exploits
School Management Script 3.0.4 – Authentication Bypass的更多信息

XAMPP 1.7.3 – Multiple Vulnerabilities：
Preisschlacht Multi Liveshop System – ‘index.php?aid’ SQL Injection：
Episerver 7 patch 4 – XML External Entity Injection：
WordPress Plugin XCloner 4.2.12 – Remote Code Execution (Authenticated)：
ATutor 2.2 – Multiple Cross-Site Scripting Vulnerabilities：
Private Photos 1.0 iOS – Persistent Cross-Site Scripting：
LiveCRM SaaS Cloud 1.0 – SQL Injection：
OL-Commerce – ‘/OL-Commerce/create_account.php?country’ SQL Injection：