{"id":59793,"date":"2024-09-18T18:50:26","date_gmt":"2024-09-18T15:50:26","guid":{"rendered":"https:\/\/packetstormsecurity.com\/files\/181594\/bpsms11-insecure.txt"},"modified":"2024-09-18T18:50:26","modified_gmt":"2024-09-18T15:50:26","slug":"beauty-parlour-and-saloon-management-system-1-1-insecure-settings","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/beauty-parlour-and-saloon-management-system-1-1-insecure-settings\/","title":{"rendered":"Beauty Parlour And Saloon Management System 1.1 Insecure Settings"},"content":{"rendered":"<dl id=\"F181594\" class=\"file first\" readability=\"-0.99852071005917\">\n<dt><a class=\"ico text-plain\" href=\"https:\/\/packetstormsecurity.com\/files\/download\/181594\/bpsms11-insecure.txt\" title=\"Size: 1.2 KB\" target=\"_blank\" rel=\"noopener\"><strong>Beauty Parlour And Saloon Management System 1.1 Insecure Settings<\/strong><\/a><\/dt>\n<dd class=\"datetime\">Posted <a href=\"https:\/\/packetstormsecurity.com\/files\/date\/2024-09-18\/\" title=\"14:16:46 UTC\" target=\"_blank\" rel=\"noopener\">Sep 18, 2024<\/a><\/dd>\n<dd class=\"refer\">Authored by <a href=\"https:\/\/packetstormsecurity.com\/files\/author\/7697\/\" class=\"person\" target=\"_blank\" rel=\"noopener\">indoushka<\/a><\/dd>\n<dd class=\"detail\" readability=\"0\">\n<p>Beauty Parlour and Saloon Management System version 1.1 suffers from an ignored default credential vulnerability.<\/p>\n<\/dd>\n<dd class=\"tags\"><span>tags<\/span> | <a href=\"https:\/\/packetstormsecurity.com\/files\/tags\/exploit\" target=\"_blank\" rel=\"noopener\">exploit<\/a><\/dd>\n<dd class=\"md5\"><span>SHA-256<\/span> | <code>d6660c1c6980ef3268d1a22cf2f264a4cca0ec4b56c1477c7fef4007d4b6424a<\/code><\/dd>\n<dd class=\"act-links\"><a href=\"https:\/\/packetstormsecurity.com\/files\/download\/181594\/bpsms11-insecure.txt\" title=\"Size: 1.2 KB\" rel=\"nofollow noopener\" target=\"_blank\">Download<\/a> | <a href=\"https:\/\/packetstormsecurity.com\/files\/favorite\/181594\/\" class=\"fav\" rel=\"nofollow noopener\" target=\"_blank\">Favorite<\/a> | <a href=\"https:\/\/packetstormsecurity.com\/files\/181594\/Beauty-Parlour-And-Saloon-Management-System-1.1-Insecure-Settings.html\" target=\"_blank\" rel=\"noopener\">View<\/a><\/dd>\n<\/dl>\n<div class=\"src\" readability=\"9.7935103244838\">\n<pre readability=\"8\"><code readability=\"10\">====================================================================================================================================<br>| # Title : Beauty Parlour &amp; Saloon Management System 1.1 Insecure Settings Vulnerability |<br>| # Author : indoushka |<br>| # Tested on : windows 10 Fr(Pro) \/ browser : Mozilla firefox 130.0.0 (64 bits) |<br>| # Vendor : https:\/\/phpgurukul.com\/beauty-parlour-management-system-using-php-and-mysql\/ |<br>====================================================================================================================================<p>poc :<\/p>[+] Dorking \u0130n Google Or Other Search Enggine.<\/p>[+] Insecure Settings : appears to leave a default administrative account in place post installation.<\/p>[+] use payload : <\/p><p>Username: admin<\/p><p>Password: Test@123<\/p>[+] http:\/\/127.0.0.1\/bpmsp\/admin\/dashboard.php<\/p><p>Greetings to :==================================================<br>jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |<br>================================================================<br><\/p><\/code><\/pre>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Beauty Parlour And Saloon Management System 1.1 Insecure Settings Posted Sep 18, 2024 Authored by indoushka Beauty Parlour and Saloon Management System version 1.1 suffers from an ignored default credential vulnerability. tags | exploit SHA-256 | d6660c1c6980ef3268d1a22cf2f264a4cca0ec4b56c1477c7fef4007d4b6424a Download | Favorite | View ====================================================================================================================================| # Title : Beauty Parlour &amp; Saloon Management System 1.1 Insecure Settings &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-59793","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/59793","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=59793"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/59793\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=59793"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=59793"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=59793"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}