[] NeoSense
E X P L O I T S
title author type platform port cve id

Online-Exam-System 2015 - 'fid' SQL Injection

Author: Berk Dusunur
type: webapps
platform: php
port: 
date_added: 2020-05-28 
date_updated: 2020-05-28 
verified: 0 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: 
# Exploit Title: Online-Exam-System 2015 - 'fid' SQL Injection
# Exploit Author: Berk Dusunur
# Google Dork: N/A
# Type: Web App
# Date: 2020-05-28
# Vendor Homepage: https://github.com/sunnygkp10/
# Software Link: https://github.com/sunnygkp10/Online-Exam-System-.git
# Affected Version: 2015
# Tested on: MacosX
# CVE : N/A

# PoC

Affected code

<?php if(@$_GET['fid']) {
echo '<br />';
$id=@$_GET['fid'];
$result = mysqli_query($con,"SELECT * FROM feedback WHERE id='$id' ") or
die('Error');

http://berklocal/dash.php?fid=SQL-INJECTION
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.