EMO Realty Manager – SQL Injection

• Exploit Database
• 15 阅读

• 作者： L0rd CrusAd3r
  日期： 2010-06-08
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/13771/

• Author: L0rd CrusAd3r aka VSN [crusader_hmg@yahoo.com]
  Exploit Title:EMO Realty Manager SQLi Vulnerable
  Published: 2010-06-08
  Vendor url:http://emophp.com
  Price:249$
  Platform: Unix, Linux , Windows
  
  Greetz to:Sid3^effects, aa_Numb, M4n0j and to all ICW members
  
  #############################################################################################################################################################################
  
  DESCRIPTION:
  
  EMO Realty Manager is a full PHP/MySQL content management system for
  property companies,
  real estate agents or FSBO site. Built using PHP and MySQL, this real estate
  website management tool allows for easy updates of properties with image
  upload,
  category management, listing management, custom usage statistics, mailing
  list management, easy to use advanced PHP template system and much more
  
  Features:-
  
  With EMO Realty Manager you can quickly build, manage, and publish
  real-estate property to your personal agent or company website.
  
  EMO Realty Manager software is easily administered, powerful, yet affordable
  for any budget.
  
  Even though the software is easy to use, help is right around the corner in
  the form of our tech support department. We are here to help you and answer
  your questions.
  
  EMO Realty Manager is an excellent solution to help you promote your online
  real estate presence.
  
  All the tools you need to increase sales and reflect your professional
  knowledge is built into EMO Realty Manager. With only a few keystrokes on
  your computer, your web site will be launched and...... the success will
  follow...
  
  ###############################################################################################################################################################################
  
  Vulnerability:
  
  The following URL contains a SQLi vulnerable.
  
  demo URL:-
  http://server/emorealty/googlemap/index.php?cat1=[Sqli]
  
  ################################################################################################################################################################################
  
  -- 
  With R3gards,
  L0rd CrusAd3r