Full Disclosure mailing list archives

IP.Board <= 3.4.7 SQL Injection

From: secthrowaway () Safe-mail net
Date: Sun, 9 Nov 2014 03:00:17 -0500

IP.Board version 3.4.7 (latest) suffers from a SQL injection vulnerability. 

Working PoC is attached.

Attachment: ipb.py
Description:


_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Current thread:

IP.Board <= 3.4.7 SQL Injection secthrowaway (Nov 09)