Authored by Amine

Simple Online College Entrance Exam System version 1.0 suffers from a remote SQL injection vulnerability. Original discovery of SQL injection in this version is attributed to Mevlut Yilmaz in October of 2021.

# Exploit Title: Simple Online College Entrance Exam System 1.0 - 'Multiple' SQL injection
# Date: 07.10.2021
# Exploit Author: Amine ismail @aminei_
# Vendor Homepage:
# Software Link:
# Version: 1.0
# Tested on: Windows 10, Kali Linux
# Multiple SQL injections

The following PoCs will leak the admin username and password: