212cafeBoard Sql injection

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: 212cafeBoard Sql injection
From: "Lopez Bran" <wenzel.vete@xxxxxxxxx>
Date: Tue, 4 Sep 2007 10:34:12 -0300
Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=rV5FBKynz51z8NuBh6rFFEhKovWMuLQXG0CqIN0+vsWkBK/b0yFvyn9asVRnZ8mo5fCY7SMSv4BsUUoYxEsjGBA/AOoKxM93a8/hVCDcr3UL1K58158sqfE1XNXCDKP3ftDyw8iU6N9nqCZtxQazuZXCO8gu1h+xuNf03iByh1o=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=BUiunoeg3MpBtus2SdheKnqsqkUovhiM7hzgYRbV/l41s7xGBMk9upEi8KkdDGG6ri9lemmMJj4C89VrqZkLuIf4I+ioH2oPPj47zXiw8grNKFFil3mlpD0eusYVzrJswTXUw/Tl2srsbtaiVmHf3PCJ6uDcvEt+o4C20PQiwZU=
In-reply-to: <9687619e0709040632g37ffcac8j3bc191199bdc3a62@xxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <9687619e0709040632g37ffcac8j3bc191199bdc3a62@xxxxxxxxxxxxxx>

Hello

Vulnerable :
-----------
212cafeBoard

Version:
-------
6.30 Beta

Vendor:
------
http://www.212cafe.com


Description:
-----------
Sql injection 212cafeBoard v6.30 Beta :


http://site/Board/read.php?id=[INJECT SQL CODE]

Path:
-----
I try to contact the developer but never receiver a response.

Regards,
Lopez Bran Digrap



-- 
Saludos,
Lopez Bran Digrap

Prev by Date: [security bulletin] HPSBUX02156 SSRT061236 rev.3 - HP-UX Running Thunderbird, Remote Unauthorized Access or Elevation of Privileges or Denial of Service (DoS)
Next by Date: Re: [Sec] Re: [Full-disclosure] n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory
Previous by thread: [security bulletin] HPSBUX02156 SSRT061236 rev.3 - HP-UX Running Thunderbird, Remote Unauthorized Access or Elevation of Privileges or Denial of Service (DoS)
Next by thread: Wireshark DNP3 Dissector Infinite Loop Vulnerability
Index(es):
- Date
- Thread