EuroMedya - No Redirect/Admin Panel Bypass

root9ext (TR)
Risk: Medium
Local: No
Remote: Yes

TITLE: EuroMedya - No Redirect/Admin Panel Bypass
# Exploit Author: Onur Kara (root9ext)
# Service Provider:
# Vulnerable URL: /hafun/main.php
# Dork: -
# Vulnerability Type: No Redirect
# Severity: Critical

Vulnerability Description:
A vulnerability has been identified in websites that utilize the hafun/index.php file as the admin panel. The issue arises when blocking access to the hafun/index.php file and accessing the hafun/main.php file, which leads to the unauthorized discovery of the admin panel.

Proof of Concept (PoC):
URLs:
-
-
-
etc...

1. Access the admin login page, typically located at:
2. Block access to the hafun/index.php file.
3. Access the hafun/main.php file, typically located at:
4. Observe that the admin panel is accessible without redirection, indicating successful discovery of the admin panel.

Contact Telegram: @rootninext
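Mitigation sketch for the behaviour described above, added here as an example; it is not code from the advisory or from the vendor. The advisory does not show the source of main.php, so this assumes the panel relies on a redirect to the login page instead of a server-side session check that stops the script. The file name admin_guard.php, the function require_admin() and the session key admin_id are hypothetical.

```php
<?php
// admin_guard.php - hypothetical include for every script in the admin directory.
// Assumption: the login script sets $_SESSION['admin_id'] after a successful login.
declare(strict_types=1);

function require_admin(string $loginUrl = 'index.php'): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        // Cookie flags need PHP 7.3+; 'secure' requires the panel to be served over HTTPS.
        session_set_cookie_params([
            'httponly' => true,
            'secure'   => true,
            'samesite' => 'Strict',
        ]);
        session_start();
    }

    if (!empty($_SESSION['admin_id'])) {
        return; // authenticated: the calling script may continue
    }

    // Weak form, kept as a comment for comparison:
    //   header('Location: index.php');
    //   ... the script keeps running and the panel HTML is still sent ...
    // A client that does not follow the redirect still receives the body.

    // Hardened form: drop anything already buffered, send the redirect,
    // and terminate so no admin markup leaves the server.
    while (ob_get_level() > 0) {
        ob_end_clean();
    }
    header('Cache-Control: no-store');
    header('Location: ' . $loginUrl, true, 302);
    exit;
}

// Usage, as the first statements of main.php and every other admin script:
//   require __DIR__ . '/admin_guard.php';
//   require_admin();
```

To confirm the fix, request main.php without a session cookie and with redirect following disabled: the response should be a 302 with an empty body.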
