BugTraq
Back to list
|
Post reply
WowBB view_user.php SQL Injection Vulnerability
May 10 2005 11:06AM
Megasky (magasky hotmail com)
An attacker can exploit this vulnerability to gain admin username and password.
http://www.wowbb.com/
Vulnerable versions: 1.6
1.61
1.62
Proof of concept:
http://www.example.com/wowbb/view_user.php?list=1&letter=&sort_by='[SQL Injection]
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
An attacker can exploit this vulnerability to gain admin username and password.
http://www.wowbb.com/
Vulnerable versions: 1.6
1.61
1.62
Proof of concept:
http://www.example.com/wowbb/view_user.php?list=1&letter=&sort_by='[SQL Injection]
[ reply ]