That’s sweet you did an sql injection on your own school’s system. I agree with all your opinions, but you still got to be careful on what actions you take, especially when informing people who aren’t as tech savvy as you. An administrator who grew up without computers and never built a web app might not understand that using google chrome to inspect an element doesn’t require bad intentions. Pat yourself on the back for trying to help your university. Next time, just send a few parties an anonymous message.