Last active
September 17, 2022 05:29
-
-
Save Mr-Akuma/8d84b564fb051caa1b1ea31b24f6b9fb to your computer and use it in GitHub Desktop.
SQL Injection in OU Campus
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Description: OU Campus login page v 10.2.4 is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. | |
| payload: " OR 1 = 1 -- - , <?php system($_GET["cmd"]); ?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment