[+] Author: TUNISIAN CYBER
[+] Exploit Title: NoticeBoardPro v1.X SQL Injection vulnerability
[+] Date: 27-12-2013
[+] Category: WebApp
[+] Google Dork: n/a
[+] Tested on: KaliLinux
[+] Vendor: http://www.noticeboardpro.com/

 
########################################################################################

+Description:
NoticeBoardPro is an online, web-based, notice / bulletin board system that acts as a market place and lets you advertise.

+Exploit:
NoticeBoardPro Suffers from an SQL Injection vulnerability.

File(s): deleteItem3.php
         deleteItem2.php
     deleteItem1.php
Parameter:noticeID
         userID        
[PHP]
$noticeID=$_GET['noticeID'];
  $userID=$_GET['userID'];

  mysql_connect("$hostName", "$dbusername", "$dbpassword");

  $result1 = mysql_query("SELECT * FROM $databaseName.notice_nbp where $databaseName.notice_nbp.noticeID = '$noticeID' and $databaseName.notice_nbp.userID = '$userID'");

  $result = mysql_query("DELETE FROM $databaseName.notice_nbp where $databaseName.notice_nbp.noticeID = '$noticeID' and $databaseName.notice_nbp.userID = '$userID'");
[PHP]

P.O.C:
http://127.0.0.1/NoticeBoardPro/deleteItem3.php?noticeID=&userID=[SQL]
./3nD
########################################################################################
Greets to: XMaX-tn, N43il HacK3r, XtechSEt
Sec4Ever Members:
DamaneDz
UzunDz
GEOIX
########################################################################################