Headline
MSMS-PHP 1.0 Insecure Settings
MSMS-PHP version 1.0 suffers from an ignored default credential vulnerability.
MSMS-PHP 1.0 Insecure Settings
Posted Aug 28, 2024
Authored by indoushka
MSMS-PHP version 1.0 suffers from an ignored default credential vulnerability.
tags | exploit, php
SHA-256 | 901a66e3533b07e82bfa171f76797bfe6f506ccd295fb4c073fbbd2ad85576ea
Download | Favorite | View
MSMS-PHP 1.0 Insecure Settings
=============================================================================================================================================| # Title : MSMS-PHP v1.0 Insecure Settings Vulnerability || # Author : indoushka || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits) || # Vendor : https://www.sourcecodester.com/php/14924/online-mobile-store-management-system-using-php-free-source-code.html |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user = admin & pass = admin123[+] https://www/127.0.0.1/yorubanwitness000webhostappcom/admin/Greetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================
File Tags
- ActiveX (933)
- Advisory (86,567)
- Arbitrary (16,906)
- BBS (2,859)
- Bypass (1,878)
- CGI (1,034)
- Code Execution (7,840)
- Conference (691)
- Cracker (844)
- CSRF (3,412)
- DoS (25,123)
- Encryption (2,389)
- Exploit (53,308)
- File Inclusion (4,266)
- File Upload (1,001)
- Firewall (822)
- Info Disclosure (2,893)
- Intrusion Detection (916)
- Java (3,144)
- JavaScript (899)
- Kernel (7,242)
- Local (14,808)
- Magazine (587)
- Overflow (13,178)
- Perl (1,435)
- PHP (5,227)
- Proof of Concept (2,396)
- Protocol (3,731)
- Python (1,648)
- Remote (31,704)
- Root (3,639)
- Rootkit (528)
- Ruby (632)
- Scanner (1,657)
- Security Tool (8,031)
- Shell (3,281)
- Shellcode (1,217)
- Sniffer (902)
- Spoof (2,279)
- SQL Injection (16,629)
- TCP (2,444)
- Trojan (690)
- UDP (904)
- Virus (670)
- Vulnerability (33,023)
- Web (9,974)
- Whitepaper (3,782)
- x86 (967)
- XSS (18,267)
- Other
File Archives
- August 2024
- July 2024
- June 2024
- May 2024
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- Older
Systems
- AIX (429)
- Apple (2,099)
- BSD (377)
- CentOS (58)
- Cisco (1,927)
- Debian (7,110)
- Fedora (1,693)
- FreeBSD (1,246)
- Gentoo (4,567)
- HPUX (880)
- iOS (378)
- iPhone (108)
- IRIX (220)
- Juniper (69)
- Linux (50,919)
- Mac OS X (691)
- Mandriva (3,105)
- NetBSD (256)
- OpenBSD (489)
- RedHat (16,636)
- Slackware (941)
- Solaris (1,611)
- SUSE (1,444)
- Ubuntu (9,782)
- UNIX (9,441)
- UnixWare (187)
- Windows (6,677)
- Other