BP Monitoring Management System 1.0 Insecure Settings

BP Monitoring Management System 1.0 Insecure Settings
Posted Sep 13, 2024
Authored by indoushka

BP Monitoring Management System version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit
SHA-256 | a2b530b3e0a28bb00c704b528988d03e386681ffd62bb38b63be53c8ac992818
Download | Favorite | View
====================================================================================================================================
| # Title : BP Monitoring Management System 1.0 Insecure Settings Vulnerability |
| # Author : indoushka |
| # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 130.0.0 (64 bits) |
| # Vendor : https://phpgurukul.com/bp-monitoring-management-system-using-php-and-mysql/ |
====================================================================================================================================
poc :
[+] Dorking İn Google Or Other Search Enggine.
[+] Insecure Settings : appears to leave a default administrative account in place post installation.
[+] use payload : 
Username: john@test.com
Password: Test@123
[+] http://127.0.0.1/bpmms/edit-family-member.php?fmid=1
Greetings to :==================================================
jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |
================================================================

نوشته های مشابه

Ubuntu Security Notice USN-7013-1

Apple Security Advisory 09-16-2024-6

Red Hat Security Advisory 2024-6719-03

Red Hat Security Advisory 2024-6720-03