Authentication Bypass To The Admin Panel.
👨🏼💻Discovered by Pratik Khalane
📄Vulnerable version: 1.0
🔗Vendor Homepage: https://www.sourcecodester.com/
Bug Description:
An attacker can easily bypass the login page to get into the dashboard of the admin panel.
Steps to Reproduce:
- Go to the admin panel of the online SMS login page.
2. Now there are 2 ways by which you can bypass the…
Hello everyone, today I will be talking about one of the critical bugs which I found in the Oracle Corporation. Now, let’s start with the recon process
Step 1 :
1)There are multiple tools by which you can get subdomains, a few of them are given below…
i) Findomain
Use of Default Credentials to Unauthorised Remote Access of Internal Panel of Tieline.
👨🏼💻Discovered by Pratik Khalane
📝Published on 01/07/2021.
📄Vulnerable version ≤ 2.6.4.8
🔗Vendor Homepage: https://tieline.com/gateway/
CVE Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35336
Bug Description:
A vulnerability in the Tieline Web Administrative Interface on Version 2.6.4.8 and Below Could allow an Unauthenticated Remote User to access a sensitive part of the system with a high privileged account.
This…
Hello everyone, today I will be talking about one of the critical bug which I found on the BBC website which is bypassing the admin portal using the default credentials. Now, let’s start with the recon process
Step 1 :
1)There are multiple tools by which you can get subdomains…
This is my first article and I hope you guys will surely learn something new. Since I am not allowed to disclose the information about the company, let’s assume it as example.com. The main domain was the only scope to test for finding vulnerabilities. Now Lets Jump into the bug………….
