# Exploit Title: college management system - Add admin (Unauthenticated) # Date: 01/10/2021 # Exploit Author: Abdulrahman https://twitter.com/infosec_90 # Vendor Homepage: https://www.eedunext.com/ # Software Link: https://code-projects.org/college-management-system-in-php-with-source-code/ # Version: 1.0 # Tested on: Kali Linux in Admin/teacher.php in line 1 in Admin/teacher.php line 23 :$email=$_POST["email"]; line 63 :$password=$_POST['password']; line 65 :$role=$_POST['role']; role Admin,Teacher,Student POC : ADD Amin