Electroweb Online Examination System 1.0 - SQL Injection

EDB-ID:

39890

CVE:

N/A




Platform:

PHP

Date:

2016-06-06


# Exploit Title: Online examination system 1.0 - SQL Injection
# Google Dork: inurl:showtest.php?subid=
# Date: 2016/06/05
# Exploit Author: Ali Ghanbari
# Vendor Homepage: http://www.onlinefreeprojectdownload.com
# Sofware Link :
http://www.onlinefreeprojectdownload.com/download.php?name=projects/php%20projects/Online_exam.zip
# Version: 1.0

#Exploit:

http://localhost/{PATH}/showtest.php?subid=[SQL Injection]

#Admin Panel:

http://localhost/{PATH}/admin

####################################

[+]Exploit by: Ali Ghanbari

[+]My Telegram :@Exploiter007