Woltlab Burning Board v1 Beta4.5e sql injection vulnerability

2017.12.24

indoushka (DZ)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-89

Dork: Powered by Woltlab Burning Board v1 Beta4.5e

========================================================================
| # Title : Woltlab Burning Board v1 Beta4.5e sql injection vulnerability
| # Author : indoushka
| # email : indoushka4ever@gmail.com
| # Tested on : windows 8.1 Français V.(Pro)
| # Version : v1 Beta4.5e
| # Vendor : https://www.woltlab.com/
| # Dork : Powered by Woltlab Burning Board v1 Beta4.5e
========================================================================
poc :
http://psycle.pastnotecut.org/members.php?mode=profile&userid=9 ( inject her )
admin panel :
http://psycle.pastnotecut.org/admin/index.php
Greetz : ===============================================================
|
jericho * Larry W. Cashdollar * shadow00715 * Gjoko Krstic |
|
========================================================================

See this note in RAW Version

Vote for this issue:

100%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Woltlab Burning Board v1 Beta4.5e sql injection vulnerability

Dork: Powered by Woltlab Burning Board v1 Beta4.5e

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.