SQL Injection Vulnerability in Vegas Forum

Summary

Vulnerability
SQL Injection Vulnerability in Vegas Forum
Discovered
2006.03.03
Last Update
2006.03.13 Exploitation code published
ID
EV0090
CVE
CVE-2006-1020
Risk Level
medium
Type
SQL Injection
Status
Unpatched. No reply from developer(s)
Vendor
n/a
Vulnerable Software
Vegas Forum (http://www.battlereports.com/downloads.php)
Version
1.0
PoC/Exploit
Available
Solution
Not available
Discovered by
Aliaksandr Hartsuyeu (eVuln.com)

Description

SQL Injection found in Vegas Forum (http://www.battlereports.com/downloads.php) script.

Vulnerable script: forumlib.php

Variable $postid isn't properly sanitized. This can be used to make any SQL query by injecting arbitrary SQL code.

PoC/Exploit

SQL Injection Example:

http://host/forum.php?postid=999%20or%201

Solution.

Solution for "SQL Injection Vulnerability in Vegas Forum" is not available. Check vendor's website for updates.

Order Source Code Analysis made by eVuln

Check a website by source code analysis of your site done by eVuln team.The work will be done by specialists in web security.

Advisories by vuln type

Website Monitoring

Daily malware scanning. Allows to receive alerts about security problems in your website.
Details >>

Malicious redirects detected?

eVuln team will eliminate the reason, clean your website and monitor it.
Details >>

Website blacklisted?

eVuln team will clean your website, discover and fix security holes, remove from blacklists.
Details >>