Lucene search
K

35 matches found

securityvulns
securityvulns
added 2005/11/07 12:0 a.m.23 views

Sql injection in ibProArcade

Sql injection in ibProArcade. This bug was discoverd in all of the versions of ibproarcade 2.x. It was tested and found perfectly working under vBulettin or Invision power board. Date:2005-11-5 The injection is here: module=report&user=userid Query: 'SELECT name FROM ibfmembers WHERE id=userid'...

3.1AI score
Exploits0
0day.today
0day.today
added 2005/11/06 12:0 a.m.42 views

ibProArcade 2.x module (vBulletin/IPB) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications =================================================================== ibProArcade 2.x module vBulletin/IPB Remote SQL Injection Exploit =================================================================== Rankings for name will state the md5...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2005/11/06 12:0 a.m.11 views

ibProArcade 2.x - module vBulletinIPB SQL Injection

ibProArcade 2.x - module vBulletinIPB SQL Injection Rankings for name will state the md5 hash for the user /str0ke ibProArcade 2.x IPB: index.php?act=Arcade&module=report&user=-1 union select password from ibfmembers where id=anyuser vBulettin forums: index.php?act=ibProArcade&module=report&user=...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2005/11/06 12:0 a.m.43 views

ibProArcade 2.x - module 'vBulletin/IPB' SQL Injection

Rankings for name will state the md5 hash for the user /str0ke ibProArcade 2.x IPB: index.php?act=Arcade&module=report&user=-1 union select password from ibfmembers where id=anyuser vBulettin forums: index.php?act=ibProArcade&module=report&user=-1 union select password from user where...

7AI score
Exploits0
seebug.org
seebug.org
added 2005/11/06 12:0 a.m.16 views

ibProArcade 2.x module (vBulletin/IPB) Remote SQL Injection Exploit

No description provided by source. Rankings for name will state the md5 hash for the user /str0ke ibProArcade 2.x IPB: index.php?act=Arcade&module=report&user=-1 union select password from ibfmembers where id=anyuser vBulettin forums: index.php?act=ibProArcade&module=report&user=-1 union select...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2005/02/19 5:0 a.m.20 views

CVE-2004-1536

SQL injection vulnerability in index.php in the ibProArcade module for Invision Power Board IPB 1.x and 2.x allows remote attackers to execute arbitrary SQL commands via the cat parameter...

8.4AI score0.02417EPSS
Exploits1References5
CVE
CVE
added 2005/02/19 5:0 a.m.44 views

CVE-2004-1536

CVE-2004-1536 affects the ibProArcade module of Invision Power Board (IPB) 1.x and 2.x. The vulnerability is a SQL injection in index.php through the cat parameter, allowing remote attackers to execute arbitrary SQL commands on the backend database. The Nessus/NVD/CVE references confirm remote-ex...

7.5CVSS8.4AI score0.02417EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2005/02/12 5:0 a.m.50 views

CVE-2004-1430

SQL injection vulnerability CVE-2004-1430 affects IbProArcade’s show_stats module (Arcade.php) where the gameid parameter can be exploited to inject arbitrary SQL. This is remote and arises from input handling in the application’s PHP code. The available sources confirm the vulnerability and base...

7.5CVSS8.2AI score0.0133EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2005/02/12 5:0 a.m.21 views

CVE-2004-1430

SQL injection vulnerability in the showstats module in Arcade.php in IbProArcade allows remote attackers to execute arbitrary SQL code via the gameid parameter...

8.1AI score0.0133EPSS
Exploits1References4
securityvulns
securityvulns
added 2005/01/04 12:0 a.m.24 views

[UNIX] SQL Injection Vulnerability in IBProArcade (Arcade.php)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2005/01/02 12:0 a.m.55 views

SQL Injection Vulnerability In IBProArcade

A flaw exists in the high scores module of IbProArcade which allows malicious SQL Code to be executed on the database the board & arcade use. Demo: http://www.ibproarcade.com/index.php?act=Arcade&do=stats&gameid=104FOO Fix this vuln by following the following directions... open your...

1.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/01/02 12:0 a.m.84 views

IBProArcade index.php Arcade Module gameid Parameter SQL Injection

The remote host is running ibProArcade, a web-based score board system written in PHP. One of the application's CGIs, index.php, is affected by a SQL injection vulnerability in the 'gameid' parameter. An attacker may exploit this flaw to execute arbitrary SQL statements against the remote databas...

7.5CVSS6.2AI score0.0133EPSS
Exploits1References2
NVD
NVD
added 2004/12/31 5:0 a.m.13 views

CVE-2004-1430

SQL injection vulnerability in the showstats module in Arcade.php in IbProArcade allows remote attackers to execute arbitrary SQL code via the gameid parameter...

7.5CVSS8.1AI score0.0133EPSS
Exploits1References4
NVD
NVD
added 2004/12/31 5:0 a.m.11 views

CVE-2004-1536

SQL injection vulnerability in index.php in the ibProArcade module for Invision Power Board IPB 1.x and 2.x allows remote attackers to execute arbitrary SQL commands via the cat parameter...

7.5CVSS8.4AI score0.02417EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2004/11/22 12:0 a.m.28 views

Invision Power Board ibProArcade Module index.php cat Parameter SQL Injection

The installation of Invision Power Board on the remote host includes an optional module, named 'Arcade', that allows unauthorized users to inject SQL commands into the remote SQL database through the 'cat' parameter. An attacker may use this flaw to gain control of the remote database and possibl...

7.5CVSS5.9AI score0.02417EPSS
Exploits1References2
Rows per page
Query Builder