MyInternet admin panel login bypass
I contacted the company via email reporting that i have found a critical vulnerability affecting some of their customers.
They didn't reply back and i decided to make a call to inform the company about the vulnerability. I explained the impact and they answered "I don't care, i have more interesting things to do".
Vendor: My Internet
Affected Product: MyInternet CMS
Reported by : Evangelos Mourikis
Contact : vag.mourikis () gmail [dot] com
1st Contact via email | 8 July 2014(No answer)
2nd Contact via phone | 30 July 2014
Public Disclosure | 4 September 2014
This vulnerability allows a malicious user to get access in the administration panel. That means that he can edit all the pages, see the plaintext passwords of the admin panel users and upload pdf files.
The administration panel is located in
Password: ' or 1=1-- -