CVE-2004-0323

XMB 1.8 Final SP2 - SQL Injection via ppp/tpp/ascdesc/desc/addon Parameters

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-0323. PoCs published by Janek Vind.

AI-analyzed exploit summary The provided text describes multiple vulnerabilities in XMB Forum, including XSS, HTML injection, and SQL injection, due to insufficient sanitization of user-supplied data. It includes example URLs demonstrating the vulnerabilities but lacks executable exploit code.

Description

Multiple SQL injection vulnerabilities in XMB 1.8 Final SP2 allow remote attackers to inject arbitrary SQL and gain privileges via the (1) ppp parameter in viewthread.php, (2) desc parameter in misc.php, (3) tpp parameter in forumdisplay.php, (4) ascdesc parameter in forumdisplay.php, or (5) the addon parameter in stats.php. NOTE: it has also been shown that item (3) is also in XMB 1.9 beta.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Janek Vind · textwebappsphp

https://www.exploit-db.com/exploits/23748

View Code ZIP pw:eip

The provided text describes multiple vulnerabilities in XMB Forum, including XSS, HTML injection, and SQL injection, due to insufficient sanitization of user-supplied data. It includes example URLs demonstrating the vulnerabilities but lacks executable exploit code.

Classification

Writeup 90%

Attack Type

Xss | Sqli

Complexity

Trivial

Reliability

Theoretical

Target: XMB Forum 1.8 SP2

No auth needed

Prerequisites: Access to the target XMB Forum instance

MITRE ATT&CK