by r0t,der4444,cembo,VietMafia

Monday, November 28, 2005

ShockBoard SQL inj. vuln.

ShockBoard SQL inj. vuln.

Vuln. dicovered by : r0t
Date: 28 nov. 2005
affected version:v3.0 and v4.0 [develop. version]

Product Description:
An easy to setup and use message board written PHP with MySql on the backend. Features: Avatars; Smilies; Advanced profiles; moderators, supermoderators and administrators; Database cleanup function; Standard thingies like quotes, delete messages; Private forums; and more

Vuln. description:
Input passed to the "offset" parameter in "topic.php" isn't properly sanitised before being used in a SQL query.This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.


Edit the source code to ensure that input is properly sanitised.


Anonymous Anonymous told...

thanx for spreading the word and certainly thanx for mailing me the problem!!!!!!!!!!!!

6:46 PM


Post a Comment

<< Home

Copyright (c) 2006 Pridels Sec Crew