Electroweb Online Examination System 1.0 SQL Injection

2016.06.07

Credit: Ali Ghanbari

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-89

Dork: inurl:showtest.php?subid=

# Exploit Title: Online examination system 1.0 - SQL Injection
# Google Dork: inurl:showtest.php?subid=
# Date: 2016/06/05
# Exploit Author: Ali Ghanbari
# Vendor Homepage: http://www.onlinefreeprojectdownload.com
# Sofware Link :
http://www.onlinefreeprojectdownload.com/download.php?name=projects/php%20projects/Online_exam.zip
# Version: 1.0
#Exploit:
http://localhost/{PATH}/showtest.php?subid=[SQL Injection]
#Admin Panel:
http://localhost/{PATH}/admin
####################################
[+]Exploit by: Ali Ghanbari
[+]My Telegram :@Exploiter007

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Electroweb Online Examination System 1.0 SQL Injection

Dork: inurl:showtest.php?subid=

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.