TUCoPS :: Web BBS :: etc :: c07-2639.htm

JGBBS 3.0beta1 Version Search.ASP "Author" SQL Injection Exploit
JGBBS 3.0beta1 Version Search.ASP "Author" SQL Injection Exploit
JGBBS 3.0beta1 Version Search.ASP "Author" SQL Injection Exploit


JGBBS 3.0beta1 Version Search.ASP "Author" SQL Injection Exploit

Type :

SQL Injection

Release Date :

{2007-03-13}

Product / Vendor :

JGBBS Is a Tree-style Online Forum System

http://sourceforge.net/projects/jgbbs/ 

Bug :

http://localhost/script/search.asp?author=-SQL Inj.-&bid=0 

SQL Injection Exploit :

JGBBS 3.0beta1 Version Search.ASP "Author" SQL Injection Exploit


action="http://localhost/script/search.asp"> 
JGBBS 3.0beta1 Version Search.ASP "Author" SQL Injection Exploit



  

    SQL Injection Code
     
    
  

  

    Search Board
     
    
       
      
    
  






UniquE-Key{UniquE-Cracker}


UniquE@UniquE-Key.ORGcolor="#FF0000">UniquE@UniquE-Key.ORG 


color="#FF0000">http://UniquE-Key.ORG
 

Tested :

JGBBS 3.0beta1

Vulnerable :

JGBBS 3.0beta1

Author :

UniquE-Key{UniquE-Cracker}
UniquE(at)UniquE-Key.Org
http://www.UniquE-Key.Org

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2025 AOH