CVE-2012-5874

Elite Bulletin Board < 2.1.22 - SQL Injection via PATH_INFO

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-5874. PoCs published by High-Tech Bridge SA.

AI-analyzed exploit summary The exploit demonstrates SQL injection vulnerabilities in Elite Bulletin Board by injecting crafted SQL queries into the URI of multiple scripts. The PoC extracts the MySQL server version by leveraging insufficient input sanitization in the `update_whosonline_reg()` and `update_whosonline_guest()` functions.

Description

Multiple SQL injection vulnerabilities in the (1) update_whosonline_reg and (2) update_whosonline_guest functions in Elite Bulletin Board before 2.1.22 allow remote attackers to execute arbitrary SQL commands via the PATH_INFO to (a) checkuser.php, (b) groups.php, (c) index.php, (d) login.php, (e) quicklogin.php, (f) register.php, (g) Search.php, (h) viewboard.php, or (i) viewtopic.php.

Exploits (1)

exploitdb WORKING POC VERIFIED

by High-Tech Bridge SA · textwebappsphp

https://www.exploit-db.com/exploits/23575

View Code ZIP pw:eip

The exploit demonstrates SQL injection vulnerabilities in Elite Bulletin Board by injecting crafted SQL queries into the URI of multiple scripts. The PoC extracts the MySQL server version by leveraging insufficient input sanitization in the `update_whosonline_reg()` and `update_whosonline_guest()` functions.

Classification

Working Poc 100%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: Elite Bulletin Board 2.1.21 and prior

No auth needed

Prerequisites: Access to the target web application

MITRE ATT&CK