Exploitation Summary
EIP tracks 1 public exploit for CVE-2004-1622. PoCs published by Florian Rock.
AI-analyzed exploit summary This exploit demonstrates an SQL injection vulnerability in UBBCentral UBB.threads by manipulating the 'Name' parameter in the search functionality. The payload bypasses authentication by injecting a condition that matches a known password hash.
Description
SQL injection vulnerability in dosearch.php in UBB.threads 3.4.x allows remote attackers to execute arbitrary SQL statements via the Name parameter.
Exploits (1)
This exploit demonstrates an SQL injection vulnerability in UBBCentral UBB.threads by manipulating the 'Name' parameter in the search functionality. The payload bypasses authentication by injecting a condition that matches a known password hash.