Exploits / Vulnerability Discovered : 2021-04-05 |
Type : webapps |
Platform : php
This exploit / vulnerability Simple food website 1.0 authentication bypass is for educational purposes only and if it is used you will do on your own risk!
Step 1 - Go to url http://localhost/food/admin/login.php
Step 2 – Enter anything in username and password
Step 3 – Click on Login and capture the request in burpsuite
Step 4 – Change the username to ' or '1'='1'#
Step 5 – Click forward and now you will be logged in as admin.