Advertisement






OPSTECH Thailand Gov Management System Multiple Vulnerabilities

CVE Category Price Severity
CVE-2021-42731 CWE-79 $5000 Critical
Author Risk Exploitation Type Date
Unknown High Remote 2022-07-04
CPE
cpe:cpe:/a:opstech:thailand_gov_management_system
CVSS EPSS EPSSP
CVSS:4.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 0.02192 0.50148

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2022070010

Below is a copy:

OPSTECH Thailand Gov Management System Multiple Vulnerabilities
# Exploit Title: OPSTECH Thailand Government Management System Multiple Attack (SQLi + Default weak password)
# Google Dork: 1. intext:"Copyright  by OPSTECH All Right Reserved" site:go.th
                        2. USE your Brain..
# Vulnerabilty: SQL Injection + Default Weak Admin Password
# Date: 2016-06-23
# Risk: High
# Original Exploit Author: ./NaughtySec - Indinesia Bug Hunter  
# Vendor Homepage: https://www.opstechservices.com/
# Version: = all version vuln
# Tested on: Kali Linux 2022.2 & Windows 11
# Tested Environment - Ubuntu Server 20.04 LTS
# Attacking video : https://youtu.be/lei9XrRi4yo

First found it in 2016, but after a long time and accidentally looked at the mirror again and tried the exploit again, it's still working until now

Video for attacking https://youtu.be/lei9XrRi4yo


Admin Login: 
/index.php?mod=login&path=login

Default Admin password: 

123456
A123456
123456900
111111

Hash MD5 
https://md5decrypt.net/

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.