Multi-Vendor Online Groceries Management System 1.0 Insecure Settings

Multi-Vendor Online Groceries Management System 1.0 Insecure Settings

Posted Aug 29, 2024

Authored by indoushka

Multi-Vendor Online Groceries Management System version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit

SHA-256 | cd8e33861bcd681954a3b899d067996fd35799bcecc9ac6f0764304867a5ecb8

Download | Favorite | View

Multi-Vendor Online Groceries Management System 1.0 Insecure Settings

=============================================================================================================================================| # Title     : Multi-Vendor Online Groceries Management System v1.0 Insecure Settings Vulnerability                                        || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                            || # Vendor    : https://www.sourcecodester.com/php/15166/multi-vendor-online-groceries-management-system-phpoop-free-source-code.html       |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user =  admin & pass = admin123[+] https://www/127.0.0.1/yorubanwitness000webhostappcom/admin/Greetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

File Tags

• ActiveX (933)
• Advisory (86,590)
• Arbitrary (16,908)
• BBS (2,859)
• Bypass (1,880)
• CGI (1,034)
• Code Execution (7,844)
• Conference (691)
• Cracker (844)
• CSRF (3,413)
• DoS (25,127)
• Encryption (2,389)
• Exploit (53,324)
• File Inclusion (4,266)
• File Upload (1,001)
• Firewall (822)
• Info Disclosure (2,893)
• Intrusion Detection (916)
• Java (3,144)
• JavaScript (899)
• Kernel (7,244)
• Local (14,809)
• Magazine (587)
• Overflow (13,180)
• Perl (1,435)
• PHP (5,228)
• Proof of Concept (2,397)
• Protocol (3,733)
• Python (1,649)
• Remote (31,707)
• Root (3,639)
• Rootkit (529)
• Ruby (632)
• Scanner (1,657)
• Security Tool (8,033)
• Shell (3,282)
• Shellcode (1,217)
• Sniffer (903)
• Spoof (2,279)
• SQL Injection (16,630)
• TCP (2,444)
• Trojan (690)
• UDP (904)
• Virus (670)
• Vulnerability (33,027)
• Web (9,974)
• Whitepaper (3,782)
• x86 (967)
• XSS (18,270)
• Other

File Archives

• August 2024
• July 2024
• June 2024
• May 2024
• April 2024
• March 2024
• February 2024
• January 2024
• December 2023
• November 2023
• October 2023
• September 2023
• Older

Systems

• AIX (429)
• Apple (2,099)
• BSD (377)
• CentOS (58)
• Cisco (1,927)
• Debian (7,110)
• Fedora (1,693)
• FreeBSD (1,246)
• Gentoo (4,567)
• HPUX (880)
• iOS (378)
• iPhone (108)
• IRIX (220)
• Juniper (69)
• Linux (50,941)
• Mac OS X (691)
• Mandriva (3,105)
• NetBSD (256)
• OpenBSD (489)
• RedHat (16,657)
• Slackware (941)
• Solaris (1,611)
• SUSE (1,444)
• Ubuntu (9,783)
• UNIX (9,443)
• UnixWare (187)
• Windows (6,679)
• Other