BugTraq
phpBB password disclosure by sql injection Jun 19 2003 07:27AM
Rick (rikul bellsouth net)
Hi

There is an SQL injection vuln in phpBB. The variable "topic_id" is passed
directly from GET to the SQL query in /viewtopic.php. It can be used
to get MD5 passwords for users. I am attaching details and proof of
concept code. I've only tested this on MySQL 4 and pgsql at my home
machines so I might h...
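
A detection check for the issue described in the post, added here as an example and not part of the original post or of phpBB: it scans web server access log lines for requests to viewtopic.php whose topic_id is not a plain integer. The combined log format, the /phpBB2/ path prefix and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request line inside a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# A legitimate topic_id is a short run of digits and nothing else.
NUMERIC_RE = re.compile(r"\d{1,10}")


def suspicious_topic_ids(line):
    """Return the non-numeric topic_id values in one log line (empty list if none)."""
    m = REQUEST_RE.search(line)
    if not m:
        return []
    url = urlsplit(m.group(1))
    if not url.path.endswith("/viewtopic.php"):
        return []
    # parse_qs percent-decodes values; keep_blank_values so "topic_id=" is seen,
    # and repeated topic_id parameters are all checked.
    values = parse_qs(url.query, keep_blank_values=True).get("topic_id", [])
    return [v for v in values if not NUMERIC_RE.fullmatch(v)]


def scan(lines):
    """Yield (client_ip, bad_values) for every line carrying a non-numeric topic_id."""
    for line in lines:
        bad = suspicious_topic_ids(line)
        if bad:
            yield line.split(" ", 1)[0], bad


# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [19/Jun/2003:07:30:01 +0000] "GET /phpBB2/viewtopic.php?topic_id=42 HTTP/1.0" 200 5120',
    '198.51.100.7 - - [19/Jun/2003:07:31:12 +0000] "GET /phpBB2/viewtopic.php?topic_id=42%27 HTTP/1.0" 200 310',
    '198.51.100.7 - - [19/Jun/2003:07:31:15 +0000] "GET /phpBB2/viewtopic.php?topic_id=7&topic_id=x%20y HTTP/1.0" 200 310',
    '203.0.113.5 - - [19/Jun/2003:07:32:40 +0000] "GET /phpBB2/index.php?topic_id=abc HTTP/1.0" 200 900',
]

if __name__ == "__main__":
    for ip, bad in scan(SAMPLE_LOG):
        print(ip, bad)
```

Hits from this check are leads for review of the affected board's logs, not proof of a successful query against the user table.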

Copyright 2010, SecurityFocus