Pharmacy Management System version 1.0 Insecure Settings

Pharmacy Management System version 1.0 Insecure Settings

Posted Sep 9, 2024

Authored by indoushka

Pharmacy Management System version version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit

SHA-256 | 6c367c1c4b085e72851f370194180a14f132217419dbc26645d989d1f50bd05c

Download | Favorite | View

Pharmacy Management System version 1.0 Insecure Settings

====================================================================================================================================| # Title     : Pharmacy Management System version 1.0 Insecure Settings Vulnerability                                             || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                   || # Vendor    : https://www.sourcecodester.com/php/15281/multi-language-pharmacy-management-system-project-source-code.html        |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user =  admin & pass = admin123[+] https://www/127.0.0.1/demoocom/admin/?page=user/manage_user&id=8Greetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

File Tags

• ActiveX (933)
• Advisory (86,689)
• Arbitrary (17,038)
• BBS (2,859)
• Bypass (1,904)
• CGI (1,047)
• Code Execution (7,875)
• Conference (692)
• Cracker (844)
• CSRF (3,421)
• DoS (25,205)
• Encryption (2,394)
• Exploit (54,147)
• File Inclusion (4,271)
• File Upload (1,009)
• Firewall (822)
• Info Disclosure (2,912)
• Intrusion Detection (918)
• Java (3,155)
• JavaScript (907)
• Kernel (7,258)
• Local (14,836)
• Magazine (587)
• Overflow (13,208)
• Perl (1,435)
• PHP (5,253)
• Proof of Concept (2,402)
• Protocol (3,749)
• Python (1,655)
• Remote (31,830)
• Root (3,669)
• Rootkit (529)
• Ruby (640)
• Scanner (1,657)
• Security Tool (8,044)
• Shell (3,298)
• Shellcode (1,219)
• Sniffer (904)
• Spoof (2,292)
• SQL Injection (16,704)
• TCP (2,463)
• Trojan (690)
• UDP (919)
• Virus (672)
• Vulnerability (33,055)
• Web (10,131)
• Whitepaper (3,783)
• x86 (969)
• XSS (18,281)
• Other

File Archives

• September 2024
• August 2024
• July 2024
• June 2024
• May 2024
• April 2024
• March 2024
• February 2024
• January 2024
• December 2023
• November 2023
• October 2023
• Older

Systems

• AIX (430)
• Apple (2,104)
• BSD (378)
• CentOS (61)
• Cisco (1,954)
• Debian (7,118)
• Fedora (1,693)
• FreeBSD (1,247)
• Gentoo (4,567)
• HPUX (881)
• iOS (387)
• iPhone (108)
• IRIX (220)
• Juniper (71)
• Linux (51,071)
• Mac OS X (696)
• Mandriva (3,105)
• NetBSD (256)
• OpenBSD (489)
• RedHat (16,733)
• Slackware (941)
• Solaris (1,615)
• SUSE (1,444)
• Ubuntu (9,808)
• UNIX (9,452)
• UnixWare (188)
• Windows (6,763)
• Other