{"lastseen": "2020-04-01T19:03:59", "references": [], "description": "\n427BB 2.2 - showthread.php SQL Injection", "edition": 1, "reporter": "Aliaksandr Hartsuyeu", "exploitpack": {"type": "webapps", "platform": "php"}, "published": "2006-01-09T00:00:00", "title": "427BB 2.2 - showthread.php SQL Injection", "type": "exploitpack", "enchantments": {"dependencies": {"references": [], "modified": "2020-04-01T19:03:59", "rev": 2}, "score": {"value": -0.0, "vector": "NONE", "modified": "2020-04-01T19:03:59", "rev": 2}, "vulnersScore": -0.0}, "bulletinFamily": "exploit", "cvelist": [], "modified": "2006-01-09T00:00:00", "id": "EXPLOITPACK:BE872BD6637C00DF5E54B857E0C403CA", "href": "", "viewCount": 1, "sourceData": "source: https://www.securityfocus.com/bid/16169/info\n\n427BB is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query.\n\nSuccessful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.\n\nThis issue affects versions 2.2 and 2.2.1; other versions may also be vulnerable. \n\nhttp://www.example.com/bb427/showthread.php?ForumID=999%20union%20select%20UserName,Passwrod,null,null%20from%20prefPersonal", "cvss": {"score": 0.0, "vector": "NONE"}}

{}