Exploits / Vulnerability Discovered : 2021-07-27 |
Type : webapps |
Platform : php
This exploit / vulnerability Customer relationship management system (crm) 1.0 sql injection authentication bypass is for educational purposes only and if it is used you will do on your own risk!
# Customer relationship management system is vulnerable to Sql Injection Auth Bypass
# Exploit Working:
# 1. Visit on localhostcrm/customer/login.php
# 2. You will see the login panel
# 3. use this payload ( '=' 'or' ) in username and click on signin you will login into the admin account.