CODE49 version 1 suffers from a remote SQL injection vulnerability.
f38e6e41fc64642131134caa5283fd1532e287370e3bc34975a793585395cb78######################
# Exploit Title : CODE49 SQL Injection
# Dork : -
# Author : &Warrior&
# Vendor Homepage : https://www.code49.com.br/sites-imobiliarias.php
# Date : 03/09/2018
# Version : 1.0
# Category : Webapps
# Tested On : windows 10, firefox
######################
# Proof Of Concept (POC):
# 1- go to this site "https://www.code49.com.br/sites-imobiliarias.php" and
choose your target
# 2- Vulnerability Path: https://site.com/imovel.php?id=[SQLi] OR
https://site.com/impressao.php?id=[SQLi]
######################
# Demo :
# https://www.barbosaimoveis.com.br/imovel.php?id=1573
# https://www.adolfovillegasinmobiliaria.com/impressao.php?id=1345
# https://www.acimoveis.net/impressao.php?id=514
# https://www.silviadesouzabombinhas.com.br/imovel.php?id=1046
######################
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed