UBBCentral UBB.threads 6.0 Editpost.PHP SQL Injection Vulnerability

2005-03-11T00:00:00
ID EDB-ID:25212
Type exploitdb
Reporter ADZ Security Team
Modified 2005-03-11T00:00:00

Description

UBBCentral UBB.threads 6.0 Editpost.PHP SQL Injection Vulnerability. Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/12784/info


It is reported that UBB.threads is prone to an SQL injection vulnerability.

The SQL injection vulnerability is reported to affect the 'editpost.php' script.

UBB.threads 6.0 is reported prone to this issue. It is likely that other versions are affected as well. 

http://www.example.com/[path]/editpost.php?Cat=X&Board=X&Number=1'%20OR%20'a'='a