The Best Real Estate php real estate script SQL Injection Vulnerability
Posted on 08 June 2010
<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>The Best Real Estate php real estate script SQL Injection Vulnerability </title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>
=======================================================================
The Best Real Estate php real estate script SQL Injection Vulnerability
=======================================================================

Author: L0rd CrusAd3r aka VSN [crusader_hmg@yahoo.com]
Exploit Title: The Best Real Estate php real estate script SQLi Vulnerable
Published: 2010-06-08
Vendor url: http://www.the-best-real-estate.com
Platform: Unix, Linux, Windows
Greetz to: Sid3^effects, aa_Numb, M4n0j and to all ICW members

#######################################################################

DESCRIPTION:

The-Best-Real-Estate is a professional solution for a real estate website.
Although you need only ten minutes to install, it is both easy to use and
rich in the features you need. The right choice for your business!

Features:-

Keep it simple, keep it productive, keep it focused! Please check the online
demo 2.1 and the limited price offer! The script is available in English,
Spanish, German, French, Dutch and Italian. (Multiple language support in
back end, WYSIWYG editor added for textarea)

eystrokes on your computer, your web site will be launched and...... the
success will follow...

#######################################################################

Vulnerability:

The site is vulnerable to SQL injection.

demo URL:- http://www.the-best-real-estate.com/demo.php[Sqli]

#######################################################################

--
With R3gards,
L0rd CrusAd3r

# <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-06-08]</pre></body></html>