itsourcecode
University Management System
1.0
Download Source Code: https://itsourcecode.com/wp-content/uploads/2022/01/University-Management-System-Project-In-PHP-Source-Code.zip
All login pages have a universal password vulnerability.
password=test&username=admin'#
Note: Utilizing the condition that a corresponding user name exists in the database, in the php/functions.php file, the "$username" is not filtered, resulting in the ability to comment out the password query by using "admin'#", thereby bypassing the verification.
![image](https://private-user-images.githubusercontent.com/57616357/349837347-95c9009b-3bb2-4d10-9b9a-d668bb85beb1.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjE2NjI4OTQsIm5iZiI6MTcyMTY2MjU5NCwicGF0aCI6Ii81NzYxNjM1Ny8zNDk4MzczNDctOTVjOTAwOWItM2JiMi00ZDEwLTliOWEtZDY2OGJiODViZWIxLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MjIlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzIyVDE1MzYzNFomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTk0NWQxNjRmYjY3YTU3NzQ0OGMzMzZiMzY3ODg5MzhiOWU4ZGU5NjkyNjM5MDczMTQxZTI4NWRjMTNiOTYxMWYmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.QKro1IdeEyfS1qx5FX9lltxNnOfbwrYqJZsbnWl-hw4)