Default Administrator Credential Vulnerability in doorGets 7.0

CVE-2019-11618 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

doorGets 7.0 has a default administrator credential vulnerability. A remote attacker can use this vulnerability to gain administrator privileges for the creation and modification of articles via an H0XZlT44FcN1j9LTdFc5XRXhlF30UaGe1g3cZY6i1K9 access_token in a uri=blog&action=index&controller=blog action to /api/index.php.

Learn more about our Api Penetration Testing.