Exploit Invision Power Board 2.0 - 'index.php' Post Action SQL Injection

[Exploiter]

EDB-ID

24752

Проверка EDB

1. Пройдено

Автор

ANONYMOUS

Тип уязвимости

WEBAPPS

Платформа

PHP

CVE

N/A

Дата публикации

2004-11-18

Invision Power Board 2.0 - 'index.php' Post Action SQL Injection

source: https://www.securityfocus.com/bid/11703/info

A remote SQL injection vulnerability affects Inivision Power Board. This issue is due to a failure of the application to properly validate user-supplied input prior to using it in an SQL query.

An attacker may leverage this issue to manipulate SQL query strings and potentially carry out arbitrary database queries. This may facilitate the disclosure or corruption of sensitive database information.

http://www.example.com/forum/index.php?act=Post&CODE=02&f=2&t=1&qpid=1[sql_injection]