CVE-2010-1338
CVE-2010-1338
SQL injection vulnerability in ts_other.php in the Teamsite Hack plugin 3.0 and earlier for WoltLab Burning Board allows remote attackers to execute arbitrary SQL commands via the userid parameter in a modboard action.
Affected products
n/a · n/apublic PoCs found — 3
cve_referencepacketstormsecurity.org/1003-exploits/woltlabb-sql.txtunverifiedcve_referencewww.exploit-db.com/exploits/11824unverifiedexploitdbwww.exploit-db.com/exploits/11824unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://4004securityproject.wordpress.com/2010/03/22/woltlab-burning-board-teamsite-hack-v3-0-ts_other-php-sql-injection-exploit-2/http://445544.44.ohost.de/worldlabburningboardadon2python-1.txthttp://osvdb.org/63126http://packetstormsecurity.org/1003-exploits/woltlabb-sql.txthttp://secunia.com/advisories/39009https://exchange.xforce.ibmcloud.com/vulnerabilities/57066http://www.exploit-db.com/exploits/11824http://www.securityfocus.com/bid/38870