Boost My Campaign 1.1 Information Disclosure

2018-01-04T00:00:00
ID PACKETSTORM:145632
Type packetstorm
Reporter indoushka
Modified 2018-01-04T00:00:00

Description

                                        
                                            `=======================================================================================================  
| # Title : Boost My Campaign 1.1 Unauthenticated Administrative Access Vulnerability |  
| # Author : indoushka |  
| # email : indoushka4ever@gmail.com |  
| # Tested on : windows 10 FranASSais V.(Pro) |  
| # Version : 1.1 |  
| # Vendor : https://codecanyon.net/item/boost-my-campaign/16753312 |   
| # Dork : n/a |  
========================================================================================================  
  
poc :  
  
Export users list :  
  
[+] Dorking Adegn Google Or Other Search Enggine   
  
[+] use payload : user-export.php  
  
http://store.webandcrafts.com/demo/campaign/user-export.php  
  
php info :  
  
http://store.webandcrafts.com/demo/campaign/info.php  
  
  
Greetz :----------------------------------------------------------------------------------------  
|  
jericho * Larry W. Cashdollar * shadow0075 * djroot.dz *Gjoko 'LiquidWorm' Krstic |  
|  
================================================================================================  
`