phpBB datenbank mod has XSS/SQL Injection in the id variable

2005-04-16T00:00:00
ID SECURITYVULNS:DOC:8357
Type securityvulns
Reporter Securityvulns
Modified 2005-04-16T00:00:00

Description

vulnerable mod: datenbank

explaination: you can pass SQL Injection / Cross Site Scripting (Commands) in the id variable inside the mod.php (mod-datenbank)

exploit: http://[target]/phpBB/moddb/mod.php?id='[SQL Injection] http://[target]/phpBB/moddb/mod.php?id='><script>alert(document.cookie) </script>

this bugs discovered by : neO SGT SecurityGurus Team www.securitygurus.net