Bs Home_Classifieds Script - SQL Injection

EDB-ID:

14226

CVE:





Platform:

PHP

Date:

2010-07-05


1               ##########################################             1
0               I'm Sid3^effects member from Inj3ct0r Team             1
1               ##########################################             0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

Name :   Bs Home_Classifieds Script Sqli Vulnerability
Date : july 5,2010
Critical Level 	: HIGH
vendor URL :http://www.brotherscripts.com/
Price:$24.95
Author : Sid3^effects aKa HaRi <shell_c99[at]yahoo.com>
special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger_
greetz to :www.topsecure.net ,All ICW members and my friends :) luv y0 guyz 
#######################################################################################################
Description : 
Make your own real estate classifieds website with BrotherScripts.com. We are offering a well-built real estate classifieds software (with nice easy editable templates) which allows home buyers to browse and search available properties. The property listings are highly detailed with features, photos, agent/individual information and driving directions linked to MapQuest.
Agents can also list their properties. After a new seller has registered, they are able to select and buy a package depending on how many offers they would like to to post and for the length of time they would like to post them. Payments can be done via PayPal or 2Checkout. Look through the features below to check out more.

#######################################################################################################
Xploit :SQli Vulnerability

DEMO URL 1:http://server/Home_Classifieds/search.php?c=[sqli]

DEMO URL 2:http://server/Home_Classifieds/articlesdetails.php?id=[sqli]

###############################################################################################################
# 0day no more 
# Sid3^effects