POC详情: 727cbd36958d015b75bb8091125a64a497213559

来源
https://github.com/byteReaper77/CVE-2025-11077
关联漏洞
标题: CampCodes Online Learning Management System SQL注入漏洞 (CVE-2025-11077)
描述:CampCodes Online Learning Management System是菲律宾CampCodes公司的一个在线学习管理系统。 CampCodes Online Learning Management System System 1.0版本存在SQL注入漏洞,该漏洞源于对文件/admin/add_content.php中参数Title的错误操作,可能导致SQL注入攻击。
描述
Exploit blind SQL Injection in (Online Learning Management System)
介绍
# CVE-2025-11077 -  SQL Injection 
**Author: Byte Reaper**

## Description
This vulnerability is a Blind SQL Injection in the add_content.php file of the Online Learning Management System (CVE-2025-11077), allowing an attacker to extract database information by sending crafted POST requests.
## Requirements :
```
Linux x86_64
GCC
```

## Build :
```
	gcc exploit.c argparse.c -o CVE-2025-11077 -lcurl
```
## Run :
```
	- HELP :
	./CVE-2025-11077 -h

	- Target URL (base url)
	./CVE-2025-11077 -u http://[IP]

	- log file :
	./CVE-2025-11077 -f [FILE]

	- Check time-based blind :
    ./CVE-2025-11077 -u http://[IP] -b

    - Cookies FILE :
    ./CVE-2025-11077 -u http://[IP] -c [FILE]
```
## References : 
- NVD : https://nvd.nist.gov/vuln/detail/CVE-2025-11077
- CVE : https://www.cve.org/CVERecord?id=CVE-2025-11077
- Exploit Code : https://bytrep.com/exploit11077.html
## Observation : 
- This is an exploitation taken from the platform https://bytrep.com/

## License : 

MIT
文件快照

 [4.0K]  /data/pocs/727cbd36958d015b75bb8091125a64a497213559
├── [ 37K]  exploit.c
├── [1.0K]  LICENSE
└── [1.0K]  README.md

0 directories, 3 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。