Bugtraq mailing list archives
Re: Invision Power Board 2.1 <= 2.1.6 sql injection
From: str0ke <str0ke () milw0rm com>
Date: Tue, 18 Jul 2006 13:03:06 -0500
Paul, Should work just fine if an admin is logged in. /str0ke On 7/16/06, paul dansing <dansing () swissinfo org> wrote:
Hello rst, i got this from your website couple days ago. it does NOT work on any 2.1.6 board i have here even vanilla default install. can anyone please confirm this working on 2.1.6?? i removed their "phone home", and added a user-agent string, in their exploit.
Current thread:
- Invision Power Board 2.1 <= 2.1.6 sql injection rst (Jul 15)
- Re: Invision Power Board 2.1 <= 2.1.6 sql injection paul dansing (Jul 18)
- Re: Invision Power Board 2.1 <= 2.1.6 sql injection str0ke (Jul 18)
- <Possible follow-ups>
- Re: Invision Power Board 2.1 <= 2.1.6 sql injection mattmecham (Jul 18)
- Re: Re: Invision Power Board 2.1 <= 2.1.6 sql injection paul14075 (Jul 18)
- Re: Invision Power Board 2.1 <= 2.1.6 sql injection paul dansing (Jul 18)