Invision Power Board v2.1 <= 2.1.6 sql injection exploit

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Invision Power Board v2.1 <= 2.1.6 sql injection exploit
From: paul14075@xxxxxxxxx
Date: 18 Jul 2006 03:41:40 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

exploit: http://www.milw0rm.com/exploits/2010

bug report: 
http://forums.invisionpower.com/index.php?autocom=bugtracker&code=show_bug&bug_title_id=2043&bug_cat_id=3

exploit allows:

* Create new admin accounts
* Read existing account info, including session ID's.
* Read password hashes.
* Read just about any field in the database.

Allegedly patched in v2.1.7.


regards.

Prev by Date: PcAnywhere > 12 Local Privilege Escalation
Next by Date: Oracle Database - SQL Injection in SYS.DBMS_STATS [DB21]
Previous by thread: PcAnywhere > 12 Local Privilege Escalation
Next by thread: Oracle Database - SQL Injection in SYS.DBMS_STATS [DB21]
Index(es):
- Date
- Thread