ajayrandhawa / User-Management-PHP-MYSQL

PHP User Management System is a powerful PHP script that offers a secure user management system. The application is a great way to build your website, allowing your users to register an account and build restricted access to certain users. We offer great support and it’s very easy to install. It’s powered by MYSQL and PHP.

Client Side Vulnerability #16

Closed neo773 closed 1 month ago

neo773 commented 3 years ago

I wouldn't recommend using this script without taking a good look at the source code. The passwords are hashed using SHA-1 and to top it all off the registration page has a vulnerability for anyone to register as admin. <input type="hidden" name="roleid" value="3" class="form-control">

The roleid value attribute can be changed with dev tools and it submits the form with that id. I was able to register as an admin.
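
A server-side fix for the issue reported above, as an added example that is not part of the original comment or the project's code: the handler assigns the role itself and ignores any `roleid` in the request, and passwords go through `password_hash()` instead of SHA-1. The function name, table and column names, the in-memory SQLite database and the assumption that role 3 is the ordinary-user role are all hypothetical.

```php
<?php
declare(strict_types=1);

// Assumption: 3 is the ordinary-user role, as in the form's hidden field.
const DEFAULT_ROLE_ID = 3;

/**
 * Hypothetical registration handler. Only the fields named here are read
 * from the request; a client-supplied roleid is never used.
 */
function register_user(PDO $db, array $post): int
{
    $username = trim((string)($post['username'] ?? ''));
    $password = (string)($post['password'] ?? '');
    if ($username === '' || strlen($password) < 8) {
        throw new InvalidArgumentException('invalid username or password');
    }
    // password_hash() salts each password and uses a slow algorithm
    // (bcrypt by default), unlike a bare SHA-1 digest.
    $hash = password_hash($password, PASSWORD_DEFAULT);

    $stmt = $db->prepare(
        'INSERT INTO users (username, password_hash, roleid) VALUES (?, ?, ?)'
    );
    // The role comes from server-side configuration, not from $post.
    $stmt->execute([$username, $hash, DEFAULT_ROLE_ID]);
    return (int)$db->lastInsertId();
}

// Constructed demo: in-memory SQLite stands in for the MySQL database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE,
           password_hash TEXT, roleid INTEGER)');

// Constructed request in which the hidden roleid field was edited to 1.
$tampered = ['username' => 'mallory', 'password' => 'correct horse', 'roleid' => '1'];
$id = register_user($db, $tampered);

$stmt = $db->prepare('SELECT roleid, password_hash FROM users WHERE id = ?');
$stmt->execute([$id]);
$row = $stmt->fetch(PDO::FETCH_ASSOC);

// Both checks should report true: the tampered role was ignored and the
// stored hash verifies against the original password.
var_dump((int)$row['roleid'] === DEFAULT_ROLE_ID);
var_dump(password_verify('correct horse', $row['password_hash']));
```

Role changes then belong in a separate, authenticated admin action rather than in the public registration form.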