CVE-2006-3994
XMB Forum < 1.9.6_alpha - SQL Injection via u2uid Parameter
Exploitation Summary
EIP tracks 1 public exploit for CVE-2006-3994. PoCs published by rgod.
AI-analyzed exploit summary: This exploit targets a SQL injection vulnerability in XMB Forum <= 1.9.6 via the 'u2uid' parameter in the private messaging system. It discloses admin credentials by leveraging blind SQL injection with time-based delays and subqueries.
Description
SQL injection vulnerability in the u2u_send_recp function in u2u.inc.php in XMB (aka extreme message board) 1.9.6 Alpha and earlier allows remote attackers to execute arbitrary SQL commands via the u2uid parameter to u2u.php, which is directly accessed from $_POST and bypasses the protection scheme.