SAS Hotel Management System SQL Vulnerability

2010-06-15T00:00:00
ID 1337DAY-ID-12718
Type zdt
Reporter L0rd CrusAd3r
Modified 2010-06-15T00:00:00

Description

Exploit for asp platform in category web applications

                                        
                                            =============================================
SAS Hotel Management System SQL Vulnerability
=============================================

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /' \            __  /'__`\        /\ \__  /'__`\                   0
0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      1
0  [+] Site            : Inj3ct0r.com                                  0
1  [+] Support e-mail  : submit[at]inj3ct0r.com                        1
0                                                                      0
1                ###########################################           1
0                I'm L0rd CrusAd3r member from Inj3ct0r Team           1
1                ###########################################           0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

Author: L0rd CrusAd3r aka VSN [[email protected]]
Exploit Title:SAS Hotel Management System SQL Vulnerable
Vendor url:http://www.sellatsite.com
Version:n/a
Price:28$
Published: 2010-06-15
Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue, S1ayer,d3c0d3r,KD and to all ICW members.
Spl Greetz to:inj3ct0r.com Team, Andhrahackers.com

~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~

Description:

SAS Hotel Management System reservation portal. Agents, Hotel and Resorts owner can submit their hotels and resorts for booking.? Email alerts on rooms or resorts reservation for both buyer and owner.. Website owner hotels and resort listings will appear always on the top of the list. Website owner hotels and resorts photo gallery. Agents and hotel owners can submit images during registration. Powerful admin to control register hotels, agents and their payments. 2Checkout, Paypal and Manual payment options.

Note: Listings submitted for UAE only you can start checking? script by registering your own hotel or resort.



~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~

Vulnerability:

*SQLi Vulnerability

DEMO URL :http://www.aebest.com/home/user_login.asp?notfound=[sqli]

# 0day n0 m0re #
# L0rd CrusAd3r #



#  0day.today [2018-03-16]  #