Teachers record management system 1.0 multiple sql injection (authenticated) Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2021-06-16 |
Type : webapps |
Platform : php
This exploit / vulnerability Teachers record management system 1.0 multiple sql injection (authenticated) is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: Teachers Record Management System 1.0 – Multiple SQL Injection (Authenticated)
# Date: 05-10-2021
# Exploit Author: nhattruong
# Vendor Homepage: https://phpgurukul.com
# Software Link: https://phpgurukul.com/teachers-record-management-system-using-php-and-mysql/
# Version: 1.0
# Tested on: Windows 10 + XAMPP v3.2.4
POC:
1. Go to url http://localhost/login.php
2. Login with default creds
3. Execute the payload