Submit #836751: SourceCodester Onlne Examination & Learning Management System using PHP and MySQL 0 Use of Hard-coded Passwordinfo

TitelSourceCodester Onlne Examination & Learning Management System using PHP and MySQL 0 Use of Hard-coded Password
BeschreibungDuring the assessment of this project (Onlne Examination & Learning Management System using PHP and MySQL), it was observed that the application has a hardcoded password used during the import of the users data. This happens in "import_users.php" on line 58. $raw_password = (!empty($data[10])) ? $data[10] : "CICT_2026"; // VULNERABLE Ideally, the password should be encrypted or moved to .env (not pushed to PROD) or secure the password within the database called by the Application during the runtime.
Benutzer
 Kamran Saifullah (UID 4218)
Einreichung25.05.2026 13:04 (vor 2 Monaten)
Moderieren08.06.2026 07:18 (14 days later)
StatusAkzeptiert
VulDB Eintrag369162 [SourceCodester Onlne Examination & Learning Management System 1.0 import_users.php raw_password schwache Authentisierung]
Punkte17

Do you want to use VulDB in your project?

Use the official API to access entries easily!