[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: SQL-injections in Invision Power Board v2.0.1
From: CENSORED <censored () mail ! ru>
Date: 2005-04-25 21:29:16
Message-ID: 20050425212916.23448.qmail () www ! securityfocus ! com
[Download RAW message or body]
********************************************************
SQL-injections in Invision Power Board v2.0.1
********************************************************
--------------------------
Program: IPB 2.0.1
Homepage: http://www.invisionboard.com
Vulnerable Versions: IPB 2.0.1
Has found: CENSORED
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Vulnerability has been found in forum Invision Power Board v2.0.1
At citing messages.
Here an example:
http://127.0.0.1/forum/index.php? act=PostCODE=02f=4t=2qpid=2
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
If in the end of parameter to put ' the forum swears on
Syntactic mistake:
mySQL query error: select p. *, t.forum_id FROM ibf_posts p
LEFT JOIN ibf_topics t ON (t.tid=p.topic_id) WHERE pid IN ()
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SQL an injection
Example:
http://127.0.0.1/forum/index.php? act=PostCODE=02f=4t=3qpid = ' [SQL]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I tested vulnerability for versions 2.0.1
Other versions as can be mentioned.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
As have been found vulnerability of other character, but about them
I shall not inform yet:)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
On any questions address:
CENSORED [SVT]-Search Vulnerabilities Team
www.security-tmp.net.ru
*********************************************************
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic