lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20050425212916.23448.qmail@www.securityfocus.com>
Date: 25 Apr 2005 21:29:16 -0000
From: CENSORED <censored@...l.ru>
To: bugtraq@...urityfocus.com
Subject: SQL-injections in Invision Power Board v2.0.1




******************************************************** 
 SQL-injections in Invision Power Board v2.0.1 
******************************************************** 
-------------------------- 
Program: IPB 2.0.1 
Homepage: http://www.invisionboard.com 
Vulnerable Versions: IPB 2.0.1 
Has found: CENSORED 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Vulnerability has been found in forum Invision Power Board v2.0.1 
At citing messages. 
Here an example: 
http://127.0.0.1/forum/index.php? act=PostCODE=02f=4t=2qpid=2 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 

If in the end of parameter to put ' the forum swears on 
Syntactic mistake: 

mySQL query error: select p. *, t.forum_id FROM ibf_posts p 
LEFT JOIN ibf_topics t ON (t.tid=p.topic_id) WHERE pid IN () 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 

SQL an injection 
Example: 
http://127.0.0.1/forum/index.php? act=PostCODE=02f=4t=3qpid = ' [SQL] 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 

I tested vulnerability for versions 2.0.1 
Other versions as can be mentioned. 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 

As have been found vulnerability of other character, but about them 
I shall not inform yet:) 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
On any questions address: 

CENSORED [SVT]-Search Vulnerabilities Team 
www.security-tmp.net.ru 

*********************************************************


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ