Bugtraq mailing list archives
WowBB view_user.php SQL Injection Vulnerability
From: Megasky <magasky () hotmail com>
Date: 10 May 2005 11:06:26 -0000
An attacker can exploit this vulnerability to gain admin username and password. http://www.wowbb.com/ Vulnerable versions: 1.6 1.61 1.62 Proof of concept: http://www.example.com/wowbb/view_user.php?list=1&letter=&sort_by='[SQL Injection]
Current thread:
- WowBB view_user.php SQL Injection Vulnerability Megasky (May 10)