CVE-2020-23763 SQL injection leading to Authentication bypass in “Online Book Store 1.0”

1) Go to the site developed with “Online Book Store 1.0”
2) click on “admin login” found on the bottom of the page
3) login with username “admin” and password as sql query 1’or’1’=’1
4) now you are logged in as admin

Leave a Reply

Your email address will not be published. Required fields are marked *