sir.h4m1d Find Admin Bypass Scripts Payment Gateway Bug

8 years ago

Hackers from the Iran Cyber Security Group is make discover of way to bypass access to payment gateways

sir.h4m1d of Iran Cyber Security Group is make discover:

Admin Bypass Scripts Payment Gateway

Full detail is here is show that bypass is simple:

http://www.Site.com/pay/admin/ or /payment/admin/

EXPLOIT:

Username: ‘=’ ‘OR’

Password: ‘=’ ‘OR’

Affected sites is insecure as do not have input validation to disallow user/password of ‘=’ ‘OR’ and is allow access to systems

All bugs discover by Iran Cyber Security Group is here

Iran Cyber Security Group member: MOHAMAD-NOFOZI , root3r , sir.h4m1d , Promis , white.wolf , mr.s4jj4d , mr.turk , 0day , pi.hack , l3gi0n , nazanin_wild , 0xdevil

Contact mail: [email protected]
Team Web site: http://iran-cyber.net

Tags:

Leave a Reply

Your email address will not be published. Required fields are marked *