21 matches found
CVE-2019-25459
Web Ofisi Emlak V2 contains multiple SQL injection vulnerabilities in the endpoint that allow unauthenticated attackers to manipulate database queries through GET parameters. Attackers can inject SQL code into parameters like emlakdurumu, emlaktipi, il, ilce, kelime, and semt to extract sensitive...
CVE-2019-25456
Web Ofisi Emlak v2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'ara' GET parameter. Attackers can send requests to with time-based SQL injection payloads to extract sensitive database information or...
CVE-2019-25456
Web Ofisi Emlak v2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'ara' GET parameter. Attackers can send requests to with time-based SQL injection payloads to extract sensitive database information or...
CVE-2019-25459
Web Ofisi Emlak V2 contains multiple SQL injection vulnerabilities in the endpoint that allow unauthenticated attackers to manipulate database queries through GET parameters. Attackers can inject SQL code into parameters like emlakdurumu, emlaktipi, il, ilce, kelime, and semt to extract sensitive...
CVE-2019-25456
Web Ofisi Emlak v2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'ara' GET parameter. Attackers can send requests to with time-based SQL injection payloads to extract sensitive database information or...
CVE-2019-25459 Web Ofisi Emlak V2 SQL Injection via emlak-ara.html
Web Ofisi Emlak V2 contains multiple SQL injection vulnerabilities in the endpoint that allow unauthenticated attackers to manipulate database queries through GET parameters. Attackers can inject SQL code into parameters like emlakdurumu, emlaktipi, il, ilce, kelime, and semt to extract sensitive...
CVE-2019-25456
Web Ofisi Emlak v2 contains an SQL injection vulnerability exploitable via the ara GET parameter. Unauthenticated attackers can send time-based payloads to manipulate queries, potentially extracting sensitive data and causing denial of service. No remediation details are provided in the supplied ...
CVE-2019-25456
Web Ofisi Emlak v2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'ara' GET parameter. Attackers can send requests to with time-based SQL injection payloads to extract sensitive database information or...
CVE-2019-25456 Web Ofisi Emlak v2 SQL Injection via ara Parameter
Web Ofisi Emlak v2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'ara' GET parameter. Attackers can send requests to with time-based SQL injection payloads to extract sensitive database information or...
CVE-2019-25456 Web Ofisi Emlak v2 SQL Injection via ara Parameter
Web Ofisi Emlak v2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'ara' GET parameter. Attackers can send requests to with time-based SQL injection payloads to extract sensitive database information or...
PT-2026-21446
Web Ofisi Emlak V2 contains multiple SQL injection vulnerabilities in the endpoint that allow unauthenticated attackers to manipulate database queries through GET parameters. Attackers can inject SQL code into parameters like emlak durumu, emlak tipi, il, ilce, kelime, and semt to extract sensiti...
Web Ofisi Emlak SQL注入漏洞
Web Ofisi Emlak is a real estate agency website system developed by the Turkish company Web Ofisi. The Web Ofisi Emlak v2 version has a SQL injection vulnerability, which stems from insufficient validation of the ara parameter input. This vulnerability may lead to SQL injection attacks...
Web Ofisi Emlak SQL注入漏洞
Web Ofisi Emlak is a real estate agency website system developed by the Turkish company Web Ofisi. The Web Ofisi Emlak V2 version has a SQL injection vulnerability, which stems from insufficient validation of multiple GET parameter inputs. This vulnerability may lead to SQL injection attacks...
Web Ofisi Emlak 2 SQL Injection
Exploit Title: Web Ofisi Emlak 2 - 'ara' SQL Injection Date: 2019-07-19 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://www.web-ofisi.com/detay/emlak-scripti-v2.html Demo Site: http://demobul.net/emlakv2/ Version: v2 Tested on: Kali Linux CVE: N/A ----- PoC: SQLi ----- Request:...
Web Ofisi Emlak 3 - (emlak_durumu) SQL Injection Vulnerability
Exploit for linux platform in category web applications Exploit Title: Web Ofisi Emlak 3 - 'emlakdurumu' SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor: https://www.web-ofisi.com/detay/emlak-scripti-v3.html Demo Site: http://demobul.net/emlakv3/ Version: V2 Tested on: Kali Linux CVE: N/A...
Web Ofisi Emlak 2 - ara SQL Injection
Web Ofisi Emlak 2 - ara SQL Injection Exploit Title: Web Ofisi Emlak 2 - 'ara' SQL Injection Date: 2019-07-19 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://www.web-ofisi.com/detay/emlak-scripti-v2.html Demo Site: http://demobul.net/emlakv2/ Version: v2 Tested on: Kali Linux CVE: N/A ----- PoC...
Web Ofisi Emlak 2 - (ara) SQL Injection Vulnerability
Exploit for linux platform in category web applications Exploit Title: Web Ofisi Emlak 2 - 'ara' SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor: https://www.web-ofisi.com/detay/emlak-scripti-v2.html Demo Site: http://demobul.net/emlakv2/ Version: v2 Tested on: Kali Linux CVE: N/A ----- Po...
Web Ofisi Emlak 3 - emlak_durumu SQL Injection
Web Ofisi Emlak 3 - emlakdurumu SQL Injection Exploit Title: Web Ofisi Emlak 3 - 'emlakdurumu' SQL Injection Date: 2019-07-19 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://www.web-ofisi.com/detay/emlak-scripti-v3.html Demo Site: http://demobul.net/emlakv3/ Version: V2 Tested on: Kali Linux CV...
Web Ofisi Emlak 3 - 'emlak_durumu' SQL Injection
Exploit Title: Web Ofisi Emlak 3 - 'emlakdurumu' SQL Injection Date: 2019-07-19 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://www.web-ofisi.com/detay/emlak-scripti-v3.html Demo Site: http://demobul.net/emlakv3/ Version: V2 Tested on: Kali Linux CVE: N/A ----- PoC 1: SQLi ----- Request:...
Web Ofisi Emlak 2 - 'ara' SQL Injection
Exploit Title: Web Ofisi Emlak 2 - 'ara' SQL Injection Date: 2019-07-19 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://www.web-ofisi.com/detay/emlak-scripti-v2.html Demo Site: http://demobul.net/emlakv2/ Version: v2 Tested on: Kali Linux CVE: N/A ----- PoC: SQLi ----- Request:...