EduSec has a suite of selective modules specifically tailored to the requirements of education industry. EduSec is engineered and designed considering wide range of management functions within the university. With the use of EduSec, staff can be more accountable as it helps to know the performance of each department in just few seconds. Almost all departments within education industry (e. g. admission, administration, time table, examination, HR, finance etc) can be synchronized and accessed. EduSec helps to assign the responsibilities to employee staff and can reduce time wastage and can speed up the administrative functions. Core functions like admissions, library management, transport management, students’ attendance in short entire range of university functions can be well performed by EduSec.
EduSec suffers from multiple SQL Injection vulnerabilities. Input passed via multiple 'id' GET parameters are not properly sanitised before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.