[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20050425212916.23448.qmail@www.securityfocus.com>
Date: 25 Apr 2005 21:29:16 -0000
From: CENSORED <censored@...l.ru>
To: bugtraq@...urityfocus.com
Subject: SQL-injections in Invision Power Board v2.0.1
********************************************************
SQL-injections in Invision Power Board v2.0.1
********************************************************
--------------------------
Program: IPB 2.0.1
Homepage: http://www.invisionboard.com
Vulnerable Versions: IPB 2.0.1
Has found: CENSORED
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Vulnerability has been found in forum Invision Power Board v2.0.1
At citing messages.
Here an example:
http://127.0.0.1/forum/index.php? act=PostCODE=02f=4t=2qpid=2
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
If in the end of parameter to put ' the forum swears on
Syntactic mistake:
mySQL query error: select p. *, t.forum_id FROM ibf_posts p
LEFT JOIN ibf_topics t ON (t.tid=p.topic_id) WHERE pid IN ()
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SQL an injection
Example:
http://127.0.0.1/forum/index.php? act=PostCODE=02f=4t=3qpid = ' [SQL]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I tested vulnerability for versions 2.0.1
Other versions as can be mentioned.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
As have been found vulnerability of other character, but about them
I shall not inform yet:)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
On any questions address:
CENSORED [SVT]-Search Vulnerabilities Team
www.security-tmp.net.ru
*********************************************************
Powered by blists - more mailing lists