CVEs-PoC/2020/CVE-2020-12429.md

CVE-2020-12429

Description

Online Course Registration 2.0 has multiple SQL injections that would can lead to a complete database compromise and authentication bypass in the login pages: admin/change-password.php, admin/check_availability.php, admin/index.php, change-password.php, check_availability.php, includes/header.php, index.php, and pincode-verification.php.

POC

Reference

• https://www.exploit-db.com/exploits/48385

Github

No PoCs found on GitHub currently.