CVE-2006-4632
SoftBB < 0.1 - SQL Injection via Groupe or Select Parameter
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2006-4632. PoCs published by DarkFig.
AI-analyzed exploit summary
This exploit targets SoftBB 0.1 by leveraging an authenticated PHP code execution vulnerability. It bypasses security mechanisms like magic_quotes_gpc and register_globals to inject a shellcode payload into the application's configuration, allowing remote command execution.
Description
Multiple SQL injection vulnerabilities in SoftBB 0.1, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) groupe parameter in addmembre.php and the (2) select parameter in moveto.php.