header-logo
Suggest Exploit
vendor:
Ikonboard
by:
Unknown
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Ikonboard
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: Unknown
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Unknown
Unknown

Multiple remote SQL injection vulnerabilities in Ikonboard

Multiple remote SQL injection vulnerabilities affect Ikonboard due to a failure to properly sanitize user-supplied input prior to including it in SQL queries. An attacker can exploit these vulnerabilities to manipulate SQL queries to the underlying database, potentially leading to theft of sensitive information and data corruption.

Mitigation:

Implement proper input validation and sanitization techniques to prevent SQL injection attacks.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/11982/info

Multiple remote SQL injection vulnerabilities reportedly affect Ikonboard. These issues are due to a failure of the application to properly sanitize user-supplied input prior to including it in SQL queries.

An attacker may exploit these issues to manipulate SQL queries to the underlying database. This may facilitate theft of sensitive information, potentially including authentication credentials, and data corruption. 

http://host/support/ikonboard.cgi?act=ST&f=27&t=13066&hl=nickname&st=[SQL_Syntax]
http://host/support/ikonboard.cgi?act=Search&CODE=01&keywords=[SQL_Syntax]&type=name&forums=all&search_in=all&prune=0