- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 24986
- Проверка EDB
-
- Пройдено
- Автор
- ANONYMOUS
- Тип уязвимости
- WEBAPPS
- Платформа
- CGI
- CVE
- cve-2004-1406
- Дата публикации
- 2004-12-16
IkonBoard 3.x - Multiple SQL Injections
Код:
source: https://www.securityfocus.com/bid/11982/info
Multiple remote SQL injection vulnerabilities reportedly affect Ikonboard. These issues are due to a failure of the application to properly sanitize user-supplied input prior to including it in SQL queries.
An attacker may exploit these issues to manipulate SQL queries to the underlying database. This may facilitate theft of sensitive information, potentially including authentication credentials, and data corruption.
http://host/support/ikonboard.cgi?act=ST&f=27&t=13066&hl=nickname&st=[SQL_Syntax]
http://host/support/ikonboard.cgi?act=Search&CODE=01&keywords=[SQL_Syntax]&type=name&forums=all&search_in=all&prune=0- Источник
- www.exploit-db.com
