XMB member.php Multiple Parameter SQL Injection

medium Nessus Plugin ID 11587

Language:

Synopsis

The remote web server contains a PHP script that is affected by a SQL injection flaw.

Description

The remote host is running XMB Forum, a web forum written in PHP.

According to its banner, this forum is vulnerable to a SQL injection bug which may allow an attacker to steal the passwords hashes of any user of this forum, including the forum administrator. Once he has the password hashes, he can easily setup a brute-force attack to crack the users passwords and then impersonate them. If the administrator password is obtained, an attacker may even edit the content of this website.

Solution

Upgrade to XMB Forum 1.8 SP1 or newer.

See Also

https://www.securityfocus.com/archive/1/319411

Plugin Details

Severity: Medium

ID: 11587

File Name: xmb_sql_injection.nasl

Version: 1.21

Type: remote

Family: CGI abuses

Published: 5/7/2003

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available

Reference Information

BID: 7406