WoltlabSQL.txt

2005-10-27T00:00:00
ID PACKETSTORM:41002
Type packetstorm
Reporter [R]
Modified 2005-10-27T00:00:00

Description

                                        
#################################################################
#
# Woltlab Burning Board info_db.php multiple SQL injection
#
#################################################################
-> discovered by [R]
  
  
Vendor: "Trooper"  
URL: www.wbbcoderforum.de  
Version: <= 2.7  
Type: SQL-injection  
  
  
Description:  
------------------------  
Info-DB is a very powerful and popular download module with many features.
  
  
Information:  
------------------------  
Info-DB is prone to multiple SQL injection vulnerabilities.
(It is possible to upload arbitrary files through info_db.php.)
  
  
Bug:  
------------------------  
[1] /info_db.php?action=file&fileid=[SQL-Injection]  
[2] /info_db.php?action=file&fileid=59&subkatid=[SQL-injection]  
  
Both tested on 2.5.  
All other versions should be vulnerable, too.  
Exploit code is available at rootbox.cx.la/batznet.com
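As an added defensive example (not part of the original advisory and not Info-DB code), the check below scans web-server access-log lines for requests to info_db.php whose fileid or subkatid values are not plain integers, which is all those ID parameters are expected to carry. The combined log format and the sample lines are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Parameters of info_db.php that the advisory names as injectable. Both are
# expected to be integer IDs, so an allowlist check is enough to flag abuse.
NUMERIC_PARAMS = ("fileid", "subkatid")

# Combined-format access log: we only need the client IP and the request URL.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<url>\S+) [^"]*"'
)

# Constructed sample log lines (assumed format, not real traffic).
SAMPLE_LOG = """\
10.0.0.5 - - [27/Oct/2005:10:00:01 +0000] "GET /info_db.php?action=file&fileid=59 HTTP/1.1" 200 5120
10.0.0.7 - - [27/Oct/2005:10:00:02 +0000] "GET /info_db.php?action=file&fileid=59%27 HTTP/1.1" 500 0
10.0.0.9 - - [27/Oct/2005:10:00:03 +0000] "GET /info_db.php?action=file&fileid=59&subkatid=3 HTTP/1.1" 200 4000
10.0.0.9 - - [27/Oct/2005:10:00:04 +0000] "GET /info_db.php?action=file&fileid=59&subkatid=3%20x HTTP/1.1" 500 0
10.0.0.2 - - [27/Oct/2005:10:00:05 +0000] "GET /index.php HTTP/1.1" 200 100
"""


def suspicious_params(url):
    """Return {param: decoded value} for info_db.php requests whose ID parameters are not integers."""
    parts = urlsplit(url)
    if parts.path.rsplit("/", 1)[-1] != "info_db.php":
        return {}
    params = parse_qs(parts.query, keep_blank_values=True)  # percent-decodes values
    bad = {}
    for name in NUMERIC_PARAMS:
        for value in params.get(name, []):
            if not re.fullmatch(r"\d+", value):
                bad[name] = value
    return bad


def scan_log(text):
    """Return a list of (ip, url, bad_params) for every log line that fails the allowlist check."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a request line we understand
        bad = suspicious_params(m.group("url"))
        if bad:
            hits.append((m.group("ip"), m.group("url"), bad))
    return hits


if __name__ == "__main__":
    for ip, url, bad in scan_log(SAMPLE_LOG):
        print(f"{ip} {url} -> non-numeric {bad}")
```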
  
  
Patch:  
------------------------  
No Patch available.  
  
  
Greetz:  
------------------------  
greetz fly out to 2lm, Lux2, redice, triple6, darkkilla, EaTh  
  
  
  
  
// written by [R]  
// www.batznet.com  