Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

SQL IN Open Bulletin Board

From: ABDUCTER_MINDS () YAHOO COM
Date: 8 Aug 2005 11:03:14 -0000
Class:  Input Validation Error
Remote:  Yes   
Local:  Yes
Credit: ABDUCTER ----> ABDUCTER_MINDS () YAHOO COM  {OR} ABDUCTER_MINDS76 () HOTMAIL COM
Vulnerable: Powered by Open Bulletin Board ALL VERSION
******************************************************
info :- openbb is APOPULAR FORUM HAVE MANY VERSION U CAN FIND SOURCE OF FORUM IN
http://www.openbb.com/
******************************************************
discussion :- there is many sql in 
                              (board.php) as wwww.victim.com/openbb/board.php?FID=[sql]
                              (read.php) as www.victim.com/openbb/read.php?TID=[sql]
                              (member.php) as www.victim.com/openbb/member.php?action=profile&UID=[sql]

******************************************************
CREDITS :-
          FOR ALL ARAB [EGYPT]
          WWW.S4A.CC
          TO MY LOVE (N0N0)
          DEVIL_00
Previous By Date Next
Previous By Thread Next

Current thread: