- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 14914
- Проверка EDB
-
- Пройдено
- Автор
- L0RD CRUSAD3R
- Тип уязвимости
- WEBAPPS
- Платформа
- ASP
- CVE
- cve-2010-4919
- Дата публикации
- 2010-09-06
Код:
Author: L0rd CrusAd3r aka VSN [[email protected]]
Exploit Title: Micronetsoft RV Dealer Website SQLi Vulnerability
Vendor url:http://www.micronetsoft.com
Version:1
Price:199$
Published: 2010-09-06
GThanx to:r0073r (inj3ct0r.com), Sid3^effects, MaYur, MA1201, Sonic Bluehat,
M4n0j,NoCare, The_Exploited, SeeMe, gunslinger, Th3 RDX.
Greetz to : Inj3ct0r Exploit DataBase (inj3ct0r.com) , 0xr00t.com , members
and my friends :) etc....
Special Greetz: Topsecure.net, inj3ct0r Team ,Andhrahackers.com
Shoutzz:- To all ICW & Inj3ct0r members.
~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~
Description:
Features:
* Provides the ability to add listings to the web site.
* Ability to add multiple users
* Post-unlimited listings
* For Sale listings with link to details page
* For Rent listings with link to details page
* Upload Images for listing
* Upload a Brochure about the listing
* Listings display the company logo
* Search the database Vehicle Type, Make, Model, Year, Price Range, and
Location.
* Featured Listings
* Prospective Buyer signup - will receive email on NEW Listings!
* Submit work order (maintenance issue) with picture, for listings
* Full database driven web application - Access database
~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~
Vulnerability:
*SQL Vulnerability
DEMO URL:
http://www.site.com/detail.asp?ad_ID=1&vehicletypeID=[sqli]
# 0day n0 m0re #
# L0rd CrusAd3r #- Источник
- www.exploit-db.com
