CVE-2008-2029

miniBB < 2.2 - SQL Injection via xtr Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-2029. PoCs published by girex.

AI-analyzed exploit summary This exploit demonstrates multiple vulnerabilities in miniBB 2.2, including Full Path Disclosure, Cross-Site Scripting (XSS), and Remote SQL Injection. The SQL Injection PoC retrieves admin credentials or sensitive files via UNION-based attacks, requiring register_globals to be enabled.

Description

Multiple SQL injection vulnerabilities in (1) setup_mysql.php and (2) setup_options.php in miniBB 2.2 and possibly earlier, when register_globals is enabled, allow remote attackers to execute arbitrary SQL commands via the xtr parameter in a userinfo action to index.php.

Exploits (1)

exploitdb WORKING POC VERIFIED

by girex · textwebappsphp

https://www.exploit-db.com/exploits/5494

View Code ZIP pw:eip

This exploit demonstrates multiple vulnerabilities in miniBB 2.2, including Full Path Disclosure, Cross-Site Scripting (XSS), and Remote SQL Injection. The SQL Injection PoC retrieves admin credentials or sensitive files via UNION-based attacks, requiring register_globals to be enabled.

Classification

Working Poc 90%

Attack Type

Sqli | Xss | Info Leak

Complexity

Moderate

Reliability

Reliable

Target: miniBB 2.2 (and prior versions)

No auth needed

Prerequisites: register_globals = On · target running miniBB 2.2 or prior

MITRE ATT&CK