Lucene search
K

mp-invision.txt

🗓️ 20 Nov 2004 00:00:00Reported by maxpatrol.comType 
packetstorm
 packetstorm
🔗 packetstormsecurity.com👁 31 Views

SQL injection vulnerability in Invision Power Board v2.x may allow remote database access.

Code
`  
  
  
[ SQL-injection in Invision Power Board 2.x ]  
  
MaxPatrol Security Advisory 11.18.04  
November 18, 2004  
  
Release Date: November 18, 2004  
Date Reported: November 12, 2004  
Severity: High  
Application: Invision Power Board v2.x  
Affects versions: IPB 2.0.0, IPB 2.0.1 and IPB 2.0.2.  
Platform: PHP  
  
  
I. DESCRIPTION  
  
An input validation vulnerability was reported in Invision Power Board v2.x. A remote user can conduct SQL injection attack.  
  
  
Example:  
  
http://site/forum/index.php?act=Post&CODE=02&f=2&t=1&qpid=1[sql_injection]  
  
  
Result:  
  
--------------------------------------------------------------------------  
mySQL query error: select p.*,t.forum_id FROM ibf_posts p LEFT JOIN ibf_topics t ON (t.tid=p.topic_id)  
WHERE pid IN (1[sql_injection])  
  
mySQL error: You have an error in your SQL syntax near '[sql_injection])' at line 2  
mySQL error code:   
Date: Friday 12th of November 2004 06:53:25 PM  
--------------------------------------------------------------------------  
  
  
This vulnerability found automatically by full-featured commercial version of MaxPatrol.  
  
  
II. IMPACT  
  
A remote user may be able to execute arbitrary SQL commands on the underlying database.  
  
  
III. SOLUTION  
  
To update your IPB 2.x board, simply download security update file, expand and upload "sources/post.php" over the one on your installation.  
  
  
IV. VENDOR FIX/RESPONSE  
  
Vulnerability is fixed.  
  
Security update:  
  
http://forums.invisionpower.com/index.php?showtopic=154916  
http://forums.invisionpower.com/index.php?act=Attach&type=post&id=4992  
  
  
V. CREDIT  
  
This vulnerability was discovered by Positive Technologies using MaxPatrol   
(www.maxpatrol.com) - intellectual professional security scanner. It is able   
to detect a substantial amount of vulnerabilities not published yet.   
MaxPatrol's intelligent algorithms are also capable to detect a lot of   
vulnerabilities in custom web-scripts (XSS, SQL and code injections, HTTP   
Response splitting).  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation