| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 25 Apr 2005 21:29:16 -0000 From: CENSORED <censored@...l.ru> To: bugtraq@...urityfocus.com Subject: SQL-injections in Invision Power Board v2.0.1 ******************************************************** SQL-injections in Invision Power Board v2.0.1 ******************************************************** -------------------------- Program: IPB 2.0.1 Homepage: http://www.invisionboard.com Vulnerable Versions: IPB 2.0.1 Has found: CENSORED ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Vulnerability has been found in forum Invision Power Board v2.0.1 At citing messages. Here an example: http://127.0.0.1/forum/index.php? act=PostCODE=02f=4t=2qpid=2 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ If in the end of parameter to put ' the forum swears on Syntactic mistake: mySQL query error: select p. *, t.forum_id FROM ibf_posts p LEFT JOIN ibf_topics t ON (t.tid=p.topic_id) WHERE pid IN () ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SQL an injection Example: http://127.0.0.1/forum/index.php? act=PostCODE=02f=4t=3qpid = ' [SQL] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ I tested vulnerability for versions 2.0.1 Other versions as can be mentioned. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ As have been found vulnerability of other character, but about them I shall not inform yet:) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ On any questions address: CENSORED [SVT]-Search Vulnerabilities Team www.security-tmp.net.ru *********************************************************
Powered by blists - more mailing lists