CODE49 version 1 suffers from a remote SQL injection vulnerability.
094f82765b97f679c2b5f6f6ed3ca81d######################
# Exploit Title : CODE49 SQL Injection
# Dork : -
# Author : &Warrior&
# Vendor Homepage : https://www.code49.com.br/sites-imobiliarias.php
# Date : 03/09/2018
# Version : 1.0
# Category : Webapps
# Tested On : windows 10, firefox
######################
# Proof Of Concept (POC):
# 1- go to this site "https://www.code49.com.br/sites-imobiliarias.php" and
choose your target
# 2- Vulnerability Path: https://site.com/imovel.php?id=[SQLi] OR
https://site.com/impressao.php?id=[SQLi]
######################
# Demo :
# https://www.barbosaimoveis.com.br/imovel.php?id=1573
# https://www.adolfovillegasinmobiliaria.com/impressao.php?id=1345
# https://www.acimoveis.net/impressao.php?id=514
# https://www.silviadesouzabombinhas.com.br/imovel.php?id=1046
######################