
NoticeBoardPro v1.X SQL Injection vulnerability

Author: TUNISIAN CYBER, Published: 27-12-2013
[+] Author: TUNISIAN CYBER
[+] Exploit Title: NoticeBoardPro v1.X SQL Injection vulnerability
[+] Date: 27-12-2013
[+] Category: WebApp
[+] Google Dork: n/a
[+] Tested on: KaliLinux
[+] Vendor: http://www.noticeboardpro.com/


########################################################################################

+Description:
NoticeBoardPro is an online, web-based notice / bulletin board system that acts as a marketplace and lets users post advertisements.

+Exploit:
NoticeBoardPro suffers from an SQL injection vulnerability: the noticeID and userID query-string parameters are concatenated, unvalidated and unescaped, into the SELECT and DELETE statements of the deleteItem scripts.

File(s): deleteItem3.php, deleteItem2.php, deleteItem1.php
Parameter(s): noticeID, userID
[PHP]
// Both values are taken straight from the query string, with no validation or escaping.
$noticeID=$_GET['noticeID'];
$userID=$_GET['userID'];

mysql_connect("$hostName", "$dbusername", "$dbpassword");

// The raw values are interpolated into the SQL text, so a single quote in either
// parameter terminates the string literal and lets the rest of the input change the statement.
$result1 = mysql_query("SELECT * FROM $databaseName.notice_nbp where $databaseName.notice_nbp.noticeID = '$noticeID' and $databaseName.notice_nbp.userID = '$userID'");

$result = mysql_query("DELETE FROM $databaseName.notice_nbp where $databaseName.notice_nbp.noticeID = '$noticeID' and $databaseName.notice_nbp.userID = '$userID'");
[/PHP]

P.O.C:
http://127.0.0.1/NoticeBoardPro/deleteItem3.php?noticeID=&userID=[SQL]
./3nD
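As an added hardened counterpart (example code, not the vendor's own), the same SELECT/DELETE pair rewritten with PDO prepared statements so that noticeID and userID are bound as data rather than spliced into the query text; $hostName, $databaseName, $dbusername and $dbpassword are assumed to be defined by the surrounding configuration as in the original snippet.

```php
<?php
// Added hardening example, not NoticeBoardPro's own code.
// Assumes $hostName, $databaseName, $dbusername and $dbpassword are set
// by the application's config, as the original snippet implies.

// Fail closed when a parameter is absent instead of silently matching ''.
if (!isset($_GET['noticeID'], $_GET['userID'])) {
    http_response_code(400);
    exit('Missing noticeID or userID');
}
$noticeID = $_GET['noticeID'];
$userID   = $_GET['userID'];

$pdo = new PDO(
    "mysql:host=$hostName;dbname=$databaseName;charset=utf8mb4",
    $dbusername,
    $dbpassword,
    [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false, // real server-side prepares
    ]
);

// Table and column names are fixed literals; only the values are bound,
// so quotes or SQL keywords in the input are sent as plain data.
$select = $pdo->prepare(
    'SELECT * FROM notice_nbp WHERE noticeID = :noticeID AND userID = :userID'
);
$select->execute([':noticeID' => $noticeID, ':userID' => $userID]);
$row = $select->fetch(PDO::FETCH_ASSOC);

if ($row === false) {
    http_response_code(404);
    exit('No matching notice');
}

$delete = $pdo->prepare(
    'DELETE FROM notice_nbp WHERE noticeID = :noticeID AND userID = :userID'
);
$delete->execute([':noticeID' => $noticeID, ':userID' => $userID]);

echo 'Deleted rows: ' . $delete->rowCount();
```

Because the database is selected in the DSN, the `$databaseName.notice_nbp` qualification from the original is unnecessary; if it is kept, it must remain a fixed literal and never be built from request input.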
########################################################################################
Greets to: XMaX-tn, N43il HacK3r, XtechSEt
Sec4Ever Members:
DamaneDz
UzunDz
GEOIX
########################################################################################