Headline
Online Exam System 1.0 Insecure Settings
Online Exam System version 1.0 suffers from an ignored default credential vulnerability.
====================================================================================================================================| # Title : Online Exam System 1.0 Insecure Settings Vulnerability || # Author : indoushka || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 130.0.0 (64 bits) || # Vendor : https://www.kashipara.com/project/download/project2/user/2024/202406/kashipara.com_exam-zip.zip |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : Username: admin Password: 123[+] http://127.0.0.1/exam/admin/Greetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================