[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

UBB.threads (<= 6.1.1) SQL Injection Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: UBB.threads (<= 6.1.1) SQL Injection Vulnerability
From: john@xxxxxxxxxxxxxx
Date: 8 Apr 2007 04:35:52 -0000

UBB.threads SQL Injection Vulnerability

The variable 'C' in UBB.threads is susceptible to SQL injection.

Vulnerability: http://target.com/ubbthreads.php?Cat=cat&C='
Vulnerable: UBB.threads <= 6.1.1
Google d0rk: allintitle:"Forums powered by UBB.threads"

John Martinelli
john@xxxxxxxxxxxxxx
http://john-martinelli.com

april 8th, 2007

Prev by Date: witshare 0.9 Remote File Include Vulnerabilitiy
Next by Date: Scorp Book <== v1.0 (smilies.php) Remote File Include Exploit
Previous by thread: witshare 0.9 Remote File Include Vulnerabilitiy
Next by thread: Scorp Book <== v1.0 (smilies.php) Remote File Include Exploit
Index(es):
- Date
- Thread