Online Exam System SQL注入漏洞

Online Exam System is an online exam system. Online Exam System v1.0 suffers from a SQL injection vulnerability that originates from the lack of validation of external input SQL statements in the parameters columns, data of /jurusanmatkul/data. An attacker can exploit this vulnerability to execut...

PT-2023-21305 · Sourcecodester · Sourcecodester Online Exam System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Exam System version 1.0 Description: A critical issue has been found in the processing of the file /jurusanmatkul/data, where the manipulation of the argument columns1data leads to SQL injection. The attack can be...