Bugtraq: Woltlab Burning Board info_db.php multiple SQL injection

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Woltlab Burning Board info_db.php multiple SQL injection

From: admin () batznet com
Date: 26 Oct 2005 14:01:28 -0000

#################################################################
#
#   Woltlab Burning Board info_db.php multiple SQL      #   injection    
#                                               
#################################################################
->discovered by [R]


Vendor: "Trooper"
URL:  www.wbbcoderforum.de
Version: <= 2.7
Type: SQL-injection


Description:
------------------------
Info-DB is a very powerful and popular download-module with many features.


Information:
------------------------
Info-DB is prone to multiple SQL injection vulnerabilities.
(It's possible to upload any files through info_db.php.)


Bug:
------------------------
[1] /info_db.php?action=file&fileid=[SQL-Injection]
[2] /info_db.php?action=file&fileid=59&subkatid=[SQL-injection]

Both tested on 2.5.
All other versions should be vulnerable, too.
An exploit-code is available at rootbox.cx.la/batznet.com


Patch:
------------------------
No Patch available.


Greetz:
------------------------
greetz fly out to 2lm, Lux2, redice, triple6, darkkilla, EaTh




// written by [R]
// www.batznet.com

By Date By Thread

Current thread:

Woltlab Burning Board info_db.php multiple SQL injection admin (Oct 26)