eRealty Shop SQL Injection

2012.04.28
Credit: BHG Security Center
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89
Dork: \"The eRealty Shop, Inc. All rights reserved.\"

#################################################################### # Exploit Title: eRealty SHop SQL Injection # Google Dork: "The eRealty Shop, Inc. All rights reserved." # Date: 27/04/2012 # Author: #BHG Security Center # H0me : www.black-hg.org <http://www.secure-land.net/> # Software Link: www.theerealtyshop.com # Version: last version # Tested on: Linux/Ubuntu - Windows7 # CVE : none #################################################################### # p0c : # # address.php?property_ID=234' # The CMS Have SQL Injection in address.php ;) #################################################################### # exmample : # http://www.theerealtyshop.com/address.php?property_ID=234' #################################################################### # Special Thanks To : Net.Edit0r - A.Cr0x - 3H34N & .... #################################################################### # GreetZ : Mikili - 2MzRp - 0x0ptim0us and all of SecureLand Members.

References:

http://www.black-hg.org/


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top