Blesta 5.4.1 Insecure Settings

====================================================================================================================================| # Title     : blesta 5.4.1 Insecure Settings Vulnerability                                                                       || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 102.0.1(64-bit)                                            | | # Vendor    : https://account.blesta.com/client/plugin/download_manager/client_main/download/209/blesta-5.4.1.zip                |  | # Dork      : Powered by Blesta, © Phillips Data, Inc.                                                                           |====================================================================================================================================poc :[+] The vulnerability is about leaving the default settings    During the installation of the script and using the default username and password[+] Dorking İn Google Or Other Search Enggine.[+] Use Payload : user=admin & pass=password [+] https://127.0.0.1/blesta/admin/login/Greetings to :=========================================================================================================================                                                                                                                                      |jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm* moncet                                     |                                                                                                                                              |=======================================================================================================================================