Security Advisory: APBoard 2.2-r3 <= SQL Injections - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Related information
  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
  Andys Chat 4.5 (action) Remote File Inclusion
  MP3 Search/Archive v1.2 - XSS
  ePrayver v.Alpha - XSS
  HotPlugCMS_1.0 - SQL Injection Vulnerability

From: 666_(at)_hell.de.tk <666_(at)_hell.de.tk>
Date: 16.06.2006
Subject: APBoard 2.2-r3 <= SQL Injections

################################################################
##              APBoard 2.2-r3 <= SQL Injections              ##
## - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -##
##                                                            ##
## Discovered by: 666 (SR-Crew)                             ##
## Homepage:       www.SR-Crew.de.tt                         ##
##                                                            ##
## - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -##
##                                                            ##
## Vendor:         APBoard from APP                          ##
## Homepage:       www.php-programs.de                       ##
##                                                            ##
## - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -##
##                                                            ##
##                     Vulnerabilities                        ##
##                     ===============                        ##
##                                                            ##
## board.php?id=1&sessid=[SID]&PHPSESSID=[SQL]               ##
## main.php?viewcat=1&viewcatmod=[SQL]&sessid=[SID]          ##
##                                                            ##
## - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -##
##                                                            ##
## Contact: 666@hell.de.tk                                   ##
##                                                            ##
## - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -##
##                                                            ##
##      VISIT THE BEST GERMAN SECURITY & CODING BOARD:        ##
##                                                            ##
##                      www.BlueGeek.de                       ##
##                                                            ##
## - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -##