The exploit demonstrates SQL injection vulnerabilities in Online Quiz Project 1.0, including a time-based blind SQLi via the 'cat_id' parameter and an authentication bypass via crafted login credentials. The PoC includes specific payloads and vulnerable code snippets.
Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:Online Quiz Project 1.0
No auth needed
Prerequisites:Access to the target web application