Online Course Registration 2.0 - SQL Injection on Student Pincode Verification (Verification Code Bypass)

2021.06.17

BHAVESH KAUL (SE)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

# Exploit Title: Online Course Registration 2.0 - SQL Injection on Student Pincode Verification (Verification Code Bypass)
# Date: 14 June 2021
# Exploit Author: BHAVESH KAUL
# Author Linkedin: https://www.linkedin.com/in/bhavesh-kaul-cs/
# Vendor Homepage: https://phpgurukul.com
# Software Link: https://phpgurukul.com/online-course-registration-free-download/
# Version: 2.0
# Tested on: Server: XAMPP

# Description #

Online Course Registration 2.0 is vulnerable to SQL Injection on it's student pincode verification field because of insufficient user supplied data sanitization and the sql injection payload being executed. A malicious attacker student is able to enroll to any course without having to know the student verification code.

# Proof of Concept (PoC) : Exploit #

1) Login as student with default credentials: 10806121/Test@123

2) Goto: http://localhost/onlinecourse/pincode-verification.php

2) Enter the following payload and click Verify: ' OR 'x'='x

3) SQL Injection successful and student is able to enroll in any course

See this note in RAW Version

Vote for this issue:

100%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Online Course Registration 2.0 - SQL Injection on Student Pincode Verification (Verification Code Bypass)

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.