
### Techno Portfolio Management Panel - SQL Injection/XSS/Information leak/Broken Access Control

ADLab of Venustech

While pentesting the official demo site of Techno Portfolio Management Panel, I found that after logging in to the backend several vulnerabilities remain reachable.

Information leak:


For example, the response discloses sensitive data such as the absolute path on the server:





XSS:

For example, we can steal the site cookie here or do something more malicious.


SQL Injection:



For example, we can extract the database user or other information here, either with tooling or by hand:

current user: 'u633631124_dacy@'
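The following is an added example, not code from the original write-up or from the Techno Portfolio Management Panel itself. It models the class of bug reported above: a request parameter concatenated into a query lets a UNION payload pull rows from another table, and a simple true/false tautology probe is the "by hand" check that tells you the input reaches the SQL parser. The table names, column names and the in-memory SQLite database are constructed for illustration; SQLite has no `user()` function, so the example dumps a constructed `users` table where a MySQL target would give the current user.

```python
import sqlite3


def build_db():
    """Constructed in-memory database standing in for the panel's backend.
    Schema and rows are assumptions for this example, not the real product's."""
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE projects(id INTEGER PRIMARY KEY, title TEXT, body TEXT);
        CREATE TABLE users(id INTEGER PRIMARY KEY, username TEXT, password_hash TEXT);
        INSERT INTO projects VALUES (1, 'Landing page', 'public project');
        INSERT INTO projects VALUES (2, 'Intranet', 'internal project');
        INSERT INTO users VALUES (1, 'admin', '$2y$10$constructedhash');
    """)
    return con


def get_project_vulnerable(con, project_id):
    """Vulnerable pattern: the request parameter becomes part of the SQL text,
    so 'id=0 UNION SELECT ...' is executed exactly as written."""
    sql = "SELECT title, body FROM projects WHERE id = " + project_id
    return con.execute(sql).fetchall()


def get_project_fixed(con, project_id):
    """Hardened pattern: validate the type, then bind the value as a parameter.
    The driver sends it separately from the statement, so it is never parsed as SQL."""
    try:
        pid = int(project_id)
    except ValueError:
        return []
    return con.execute(
        "SELECT title, body FROM projects WHERE id = ?", (pid,)
    ).fetchall()


def looks_injectable(fetch, base_id="1"):
    """Boolean-based probe done 'by hand': append a true and a false tautology.
    A safe endpoint treats both as garbage and answers identically; a difference
    means the condition was evaluated by the database."""
    true_case = fetch(base_id + " AND 1=1")
    false_case = fetch(base_id + " AND 1=2")
    return true_case != false_case


if __name__ == "__main__":
    con = build_db()
    payload = "0 UNION SELECT username, password_hash FROM users"
    print("vulnerable:", get_project_vulnerable(con, payload))
    print("fixed:     ", get_project_fixed(con, payload))
    print("probe vulnerable:", looks_injectable(lambda p: get_project_vulnerable(con, p)))
    print("probe fixed:     ", looks_injectable(lambda p: get_project_fixed(con, p)))
```

The probe only reports whether the parameter is evaluated as SQL; the UNION payload is what actually reads data, and it needs the same column count as the original query (two here), which is why the first thing to enumerate by hand is the column count.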

Broken Access Control

The feedback option should be viewable and operable only by the admin user. I replaced the admin's cookie with the cookie of the demo's normal user and was still able to remove a feedback entry with the authority of a normal user.

Feedback Remove URL:


In short, this is a broken access control vulnerability.
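The cookie-swap test described above, as an added example that is not part of the original write-up or of the product's own code. It models a feedback-removal handler that only checks that some session exists (the bug) next to one that also checks the session's role on every request (the fix), and a `cookie_swap_check` routine that does what the author did: confirm the action works for admin, then replay it with the normal user's cookie. Session cookie values, role names, the feedback store and the `feedback_id` parameter are all constructed for illustration.

```python
# Constructed server-side session store: cookie value -> session data.
# The cookie strings and roles are assumptions for this example.
SESSIONS = {
    "ADMINSESSIONCOOKIE": {"user": "admin", "role": "admin"},
    "USERSESSIONCOOKIE": {"user": "demo", "role": "user"},
}


def fresh_feedback():
    """Constructed feedback table, rebuilt for each request we simulate."""
    return {1: "Nice site", 2: "Contact form broken"}


def delete_feedback_vulnerable(cookie, feedback_id, feedback):
    """Bug: only authentication is checked. Any logged-in session, including
    the demo's normal user, can delete feedback. Returns an HTTP-style status."""
    session = SESSIONS.get(cookie)
    if session is None:
        return 302          # not logged in: redirect to login
    feedback.pop(feedback_id, None)
    return 200


def delete_feedback_fixed(cookie, feedback_id, feedback):
    """Fix: authorization is enforced server-side on this request, not inferred
    from which menu the UI showed. Non-admin sessions get 403."""
    session = SESSIONS.get(cookie)
    if session is None:
        return 302
    if session["role"] != "admin":
        return 403          # authenticated but not authorized
    if feedback_id not in feedback:
        return 404
    del feedback[feedback_id]
    return 200


def cookie_swap_check(handler, admin_cookie, user_cookie, feedback_id):
    """Replay an admin-only action with a low-privilege cookie.
    Returns True when the replay succeeds, i.e. access control is broken."""
    baseline = handler(admin_cookie, feedback_id, fresh_feedback())
    if baseline != 200:
        raise RuntimeError("admin baseline failed; nothing to compare against")
    feedback = fresh_feedback()
    status = handler(user_cookie, feedback_id, feedback)
    # Check the state, not just the status code: a 200 with the row still
    # present would be a false positive.
    return status == 200 and feedback_id not in feedback


if __name__ == "__main__":
    for name, handler in (("vulnerable", delete_feedback_vulnerable),
                          ("fixed", delete_feedback_fixed)):
        broken = cookie_swap_check(handler, "ADMINSESSIONCOOKIE",
                                   "USERSESSIONCOOKIE", 2)
        print(f"{name}: normal user could delete feedback -> {broken}")
```

The check verifies the outcome (the row is gone) rather than trusting the status code, since applications sometimes answer 200 with an error page. Run it against every admin-only endpoint, not just the one that happened to be noticed, because a missing role check is usually a per-handler omission rather than a single bug.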