Home Tools Exploits & CVE's Vaskar Courier 3.2.0 Insecure Settings

Vaskar Courier 3.2.0 Insecure Settings

June 1, 2023

396

Vaskar Courier version 3.2.0 appears to leave default credentials installed after installation.

================================================================================
| # Title     : Vaskar Courier Version 3.2.0 Insecure Settings Vulnerability   |
| # Author    : indoushka                                                      |
| # Tested on : windows 10 Fr(Pro) / browser : firefox 113.0.1(64 bits)        | 
| # Vendor    : https://www.vaskar.in/                                         |  
| # Dork      : "Designed and Developed by Vaskar Web"                         |
================================================================================

poc :

[+] The vulnerability is about leaves a default set of administrative credentials installed post installation.

[+] Dorking İn Google Or Other Search Enggine.

[+] Use Payload : user = admin & pass= 123 

[+] https://127.0.0.1/geetanjalicourier.com/admin/

Greetings to :=====================================================================================
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm* moncet |
===================================================================================================

Vaskar Courier 3.2.0 Insecure Settings

Follow us on Instagram @thecyberpost

EDITOR PICKS

Palo Alto PAN-OS Command Execution / Arbitrary File Creation

Palo Alto Networks PAN-OS Unauthenticated Remote Code Execution

Gambio Online Webshop 4.9.2.0 Remote Code Execution

POPULAR POSTS

Restaurant Reservation System Patches Easy-to-Exploit XSS Bug

Sniffle – A Sniffer For Bluetooth 5 And 4.X LE

Domhttpx – A Google Search Engine Dorker With HTTP Toolkit Built...

POPULAR CATEGORY

Inout Jobs Portal 2.2.2 Cross Site Scripting

AudioCodes VoIP Phones Insufficient Firmware Validation

Reolink E1 Zoom Camera 3.0.0.716 Configuration Disclosure