Lucene search
K

SAS Hotel Management System SQL Injection

🗓️ 16 Jun 2010 00:00:00Reported by L0rd CrusAd3rType 
packetstorm
 packetstorm
🔗 packetstormsecurity.com👁 25 Views

SAS Hotel Management System reservation portal for hotels and resorts, with email alerts, photo gallery, and admin control for payments and booking options

Code
`1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0  
0 _ __ __ __ 1  
1 /' \ __ /'__`\ /\ \__ /'__`\ 0  
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1  
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0  
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1  
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0  
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1  
1 \ \____/ >> Exploit database separated by exploit 0  
0 \/___/ type (local, remote, DoS, etc.) 1  
1 1  
0 [+] Site : Inj3ct0r.com 0  
1 [+] Support e-mail : submit[at]inj3ct0r.com 1  
0 0  
1 ########################################### 1  
0 I'm L0rd CrusAd3r member from Inj3ct0r Team 1  
1 ########################################### 0  
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1  
Author: L0rd CrusAd3r aka VSN [[email protected]]  
Exploit Title:SAS Hotel Management System SQL Vulnerable  
Vendor url:http://www.sellatsite.com  
Version:n/a  
Price:28$  
Published: 2010-06-15  
Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue, S1ayer,d3c0d3r,KD and to all ICW members.  
Spl Greetz to:inj3ct0r.com Team, Andhrahackers.com  
  
~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~  
  
Description:  
  
SAS Hotel Management System reservation portal. Agents, Hotel and Resorts owner can submit their hotels and resorts for booking. Email alerts on rooms or resorts reservation for both buyer and owner. Website owner hotels and resort listings will appear always on the top of the list. Website owner hotels and resorts photo gallery. Agents and hotel owners can submit images during registration. Powerful admin to control register hotels, agents and their payments. 2Checkout, Paypal and Manual payment options.  
  
Note: Listings submitted for UAE only you can start checking script by registering your own hotel or resort.  
  
  
  
~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~  
  
Vulnerability:  
  
*SQLi Vulnerability  
  
DEMO URL :http://www.aebest.com/home/user_login.asp?notfound=[sqli]  
  
# 0day n0 m0re #  
# L0rd CrusAd3r #  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

16 Jun 2010 00:00Current
0.1Low risk
Vulners AI Score0.1
25